Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Auto-VPN performance behind Cisco FTD

BIZ
Comes here often
‎Jun 29 2021 6:32 AM
‎Jun 29 2021 6:32 AM

Auto-VPN performance behind Cisco FTD

My company has a Cisco FTD as Internet Edge gateway, behind that, we have a Auto-VPN hub on one-arm concentrator mode, remote sites are on MPLS network.

                            MX 450(1 arm concentrator) 

                              |

Internet 1Gbps - FTD [DC] ———-2Gbps MPLS —————[remote] MX 250- MS

                  

                

 

Speedtest from remote office, we got 400mbps down 700mbps up.  Is this normal to see down speed much lower than up speed?

0 Kudos
Subscribe
3 Replies 3
Inderdeep
Kind of a big deal
Kind of a big deal
‎Jun 29 2021 6:45 AM
‎Jun 29 2021 6:45 AM

@BIZ : Did you check the upload and download speed test with the ISP you are connected with ? I dont think the issues with the device.

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 29 2021 2:07 PM
‎Jun 29 2021 2:07 PM

That's not normal.  Could be so many things - speed/duplex mismatches, MPLS issue, etc.

 

What speed do you get behind the FTD?

If you run something iperf straight into the remote MPLS through to the DC what does it report as the performance?

0 Kudos
Subscribe
Bruce
Kind of a big deal
‎Jun 29 2021 2:39 PM
‎Jun 29 2021 2:39 PM

As everyone has said, unless you have an asymmetric internet connection it’s not normal. Are the bandwidths configured correctly on the MX (SD-WAN page), is the Firepower doing any shaping as the speedtest hits the internet, what about your SP do they do shaping?

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.