12-03-2002 12:01 PM - edited 02-21-2020 12:12 PM
I am getting 60% slower file transfer performance with 3005 compare to 15% with 3030 in peer-to-peer environment.
Any advise to optimize 3005 is appreciated.
thanks,
Audie
12-03-2002 01:24 PM
Hi Audie,
3030 has an encryption module (SEP) and hence has more encryption throughput.
Do you know how much data you are encrypting/decrypting in the concentrator
Are you terminating other tunnels like PPTP, Client IPSEC etc.
Thanks
12-04-2002 05:37 AM
Hi JFrahim,
I am running using IPSec only. The test was based on two peer-to-peer clients in Aironet 1200/350 WLAN.
In WLAN-to-WLAN file transfer between two IPSec clients, the performance hit was 60% comparing without VPN. in WLAN-to-wired LAN, the performace hit was 47% since there was half RF transfer in this setup.
Thanks,
Audie
12-05-2002 04:13 PM
How many IPSec sessions you have? What is the used bandwith? VPN3005 does not have crypto accelerate card as VPN3030. You can improve the performance in many ways. You can modify the IPSec authentication algorythm to be more simple for the CPU (like to change from SHA (preffered) to MD5) and many other. Changing the SHA1 to MD5 will decrease the CPU usage in 10% if it is overloaded with crypting and hashing. More for SHA1 you can find at http://www.secure-hash-algorithm-md5-sha-1.co.uk
There are also few other things you can do. Chech if yoh have LZS compression turned on at VPN configuration. If so, you can turn it off.
Also there are performance problems because of bugs. If the statistics of your VPN clients says that there are many dropped packets, you should upgrade both VPN client and VPN concentrator ASAP.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide