Hi!
I know there has been a few posts about this before and I understand there will be some throughput loss when connected to the VPN – I just think what I'm seeing is a bit much.
For example, on a Wi-Fi with a 100 Mb/s theoretical connection I yesterday got 82 Mbps on the website fast.com which after connecting to our VPN yielded a drop to 22 Mbps. Isn't that a bit much or is this drop to be expected? Anything that can be done?
Hardware is MX 100 with firmware MX 17.10.4
Have you tried disabling the option "Use default gateway on remote network"?
Forgot to mention I in the above test used the Cisco Secure Client application and operating system MacOS Ventura 13.2.1
So thanks @alemabrahao, but no; I haven't tried that. I think ”Use default gateway on remote network” is an option in Windows, right?
So are using the Anyconnect Client VPN right? Are you using split tunneling?
Yes, AnyConnect VPN is what it says when I open the Cisco Secure Client.app
Setup like this in the AnyConnect Settings in Meraki:
Try specifying the destination traffic only for your LAN networks to validate if it will make any difference.
OK, thanks. But not sure how to do that. ”Only send traffic going to these hostnames” and adding the details for our LAN?
Do I do it for both ”Client Routing” and ”Dynamic Client Routing”?
Take a look on the documentation.
https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Client_Routing
A bit unsure how to set it up. If I just need VPN tunneling to a few specific IP addresses on our LAN, how do I specify that? Would that help with performance instead of routing all traffic via the VPN (I guess it would)?
Sorry for my ignorance and thanks for the help!