We are trying to set up a tunnel to a remote site that currently has a 100Mb symmetrical connection but when we put in the VPN the connection gives 85 down but only about 12 up. The main site has a 600 Mb symmetrical. We tried changing the MTU on a client machine at the remote location but it did not make a difference. This is set up as a full tunnel with all traffic exiting at the main site.
Solved! Go to Solution.
The remote is a MX67c and the main is a MX100. The speeds measured were using speedtest. The actual speeds within the network moving a file to and from remote and local machines was essentially unusable. We were able to pull the file at about 2MB/s but pushing it back from the remote was only moving at about 350KB/s.
Update: We have put in a pair of WatchGuard T70's for the tunnel as a test and temporary until we can resolve the Meraki issue. These devices are having no issue with speeds.
This really sounds like an MTU issue. What did you try reducing the MTU down to on the client (or server)? I would try an MTU of 1300.
I would use a proper speed test tool like iperf3 and test performance over just the VPN leg.
What version of code is the MX67 running? I had found a major VPN bug in 14.37 and older for the MX67/68. My MX65 would do 120/12 all day long for tunnel traffic, swap for the MX68 and it barfed.
Any easy test is to enable split tunnel so internet speed tests are local, not over the tunnel. If you see improvements you know you are hitting the same bug, as the issue exists only the tunnel.
After upgrading to the 14.39 Stable release candidate our internal speed as measured by iperf doubled on the upload to the main site from 7.6MB/s to 15MB/s
There is no mention of it in the release notes, but I can verify that it does make a difference in site-to-site VPN speeds.