Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Silver

VPN throughput on the ASA5505

I am reading the ASA 5505 and I wonder if someone can explain this to me:

I have a Checkpoint Firewall Secureplatform NGx R65 running on IBM x3650

with two processors quad-core 3.2 Ghz with 4GB RAM. Behind the Checkpoint

firewall is also an IBM x3650 Redhat Linux 4 ES.

I have an ASA 5505 running version 8.0(4). Behind the ASA 5505 is an

IBM x3650 Redhat Linux 4 ES. Everything is connected to a Catalyst 3750

running IOS version 12.2(25) copper Gig interfaces switchport.

I have Site-2-Site VPN between the Checkpoint firewall and the ASA 5505.

The VPN tunnel is AES-256/DH-5/PFS Group5. The tunnel is working fine.

However, I can NOT push more than 20Mbps through the VPN tunnel. I use

IPERF to test the throughput across the VPN tunnel. The CPU usage

on the ASA, at 20Mbps, is about 95% utilization.

If I replace the ASA with another Checkpoint firewall, I can easily

push over 200Mbps+ across the VPN tunnel with Iperf.

When I read the Cisco documentation, it stated that the ASA 5505 can push

up to 100Mbps VPN throughput, according to this link:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Has anyone been able to push 100Mbps VPN throughput with the ASA 5505?

Thanks.

1 REPLY
Silver

Re: VPN throughput on the ASA5505

Does anyone have insights to this? Thanks.

1501
Views
0
Helpful
1
Replies