I have a customer to is looking at an SA520 or SA540. He wants to use this as a firewall for a network with his customer. Behind this firewall there are going to be around 100 users that is going to connect by VPN traffic to some host outside this company network. So the SA520/SA540 is not going to terminate any VPN traffic but only forward it. On other products he has purchased there has been a limit on this. Is there any such limit on this VPN forwarding or will it just use the entire firewall throughput of 200/300 mpbs?
If you terminate IPSec sessions on the device then review the VPN section it details the encrypted throughput depending on encryption algorithm
and also mentions the performance test methodology: Maximum performance based on RFC 2544. All results are aggregate bidirectional. Actual performance may vary upon network environment and configuration.
If you do not terminate any IPSec VPN on the device, i.e. only forward ESP packets through it, then the throughput should be only
limited by the capacity of the device minus the overhead of the enabled features/functionalities, e..g firewall, QoS, fragmentation.
You can find related guideline figures in the above mentioned document and you can consider the same performance test methodology.
Reboot and Factory Default Reset on ISA500 Series Integrated Security Appliances
Reboot or restart of the network device is made when certain changes in the settings need reboot or if the device is frozen. The configuration...
WAN Quality of Service (QoS) Policy Profiles Settings on ISA500 Series Integrated Security Appliances
Wide Area Network (WAN) Quality of Service (QoS) policy profiles manage traffic through classed-based profiles. These pro...
Cisco QuickVPN Installation Tips for Windows Operating Systems
For a video showing installation tips on Quick VPN, visit http://youtu.be/hHu2z6A78N8
Cisco QuickVPN is a free software designed for remote access to a ne...