Hello all, hoping someone can give a quick bit of advice...
I have 20 dispersed sites each with 5Mb leased lines, and a central hub site with a 100Mb uplink to a top tier service provider. All of the remote sites talk to each other through the hub. This is essentially just 20 L2L connections with hairpinning enabled on the outside int of the hub site.
The hub can talk to all sites at 5Mb (upload and download to those sites at 500KB/s), and with a direct tunnel between any 2 of them I get the full 5Mb, but going via the hub site the maximum transfer speed I can achieve is only 100KB/s.
Is this to be expected with the additional encaps/decaps and encrypts/decrypts that going over the 2nd tunnel to reach the destination brings? Or does it sound as though things aren't quite functioning correctly?
All performance figures on the hub firewall look absolutely fine, pretty constant 20% cpu usage and 50% mem usage, no unusual interface statistics etc. All firewalls are ASA5520.
Any thought or suggestion would be greatly appreciated.
Re: Hub and Spoke VPN network, very slow inter-site
Anyone have any experience with this kind of setup, or any idea what the performance impact should be assuming 50ms latency between all remote sites and the hub? I understand that the decryption and encryption on the hub will add some delay, but I wouldn't expect an 80% drop in transfer rate between any 2 remote sites...
I'm at a loss so any thoughts greatly appreciated?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...