Meraki

Community

Slow SMB transfer between 2 MX95 over AutoVPN 1gb WAN

Andrew3
Conversationalist
Monday
Monday

Slow SMB transfer between 2 MX95 over AutoVPN 1gb WAN

Hey

 

According to specs mx95 shoud be able to transfer 2.5gbit over autovpn. 

I'm only capable to reach 500Mb during file copy over SMB between 2 servers on both locations. 

Turning AMP and IDS didn't help at all.

I'm currently on MX 19.1.7.2 firmware on both locations. Is there anything that might prevent reaching full speed over VPN ?

 

Andrew3_0-1743423496725.png

Andrew3_1-1743423511742.png

iperf3 also doesn't look good

0 Kudos
9 Replies 9
alemabrahao
Kind of a big deal
Monday
Monday

Do you have any traffic shaping rules configured?

How many users do you have on your network?

What is the device utilization and bandwidth utilization graph like?

 

Keep in mind that the maximum throughput is reduced to 2 Gbps when all advanced security features are enabled.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
Andrew3
Conversationalist
Monday
Monday

i've tested with AMP and IDS turned OFF

internet traffic was barely moving before test 5-10Mb at most

Traffic shaping was limited to 1gb. i've tested with 2.5gb limit but none of what i've tried done anything 
Servers that test has been done are connected to either 25gb or 10gb network. 

Andrew3_0-1743426996081.png


from graph its like id didnt reach 500Mb

0 Kudos
RaphaelL
Kind of a big deal
Kind of a big deal
Monday
Monday

Hi ,

 

Were you ever able to reach 1Gbps ? Or is it simply with this firmware that you started to have issues ?

0 Kudos
In response to RaphaelL
Andrew3
Conversationalist
Monday
Monday

most i've seen i think was around 800 during veeam vm replication to another hyperv server. Still not 1gbit. and replication was done after work hours.

also on 1 pdf it says:

Andrew3_0-1743428176905.png


and on different page

MX95/105 Datasheet - Cisco Meraki Documentation
it says

Andrew3_1-1743428212367.png

i think there was some info regarding firmware that mentioned vpn speed increase is that correct ?

"

Security appliance firmware versions MX 18.208 changelog

Important notice

  • USB modems with MX/Z series devices running firmware MX 18 or newer will be limited to best effort support and will not be receiving any future firmware fixes or improvements.

What's new

  • Significant performance improvements for MX85, MX95, and MX105 appliances."

 

0 Kudos
ww
Kind of a big deal
Kind of a big deal
Monday
Monday

Single iperf stream could be limited because of tcp latency 

Did you try with more streams?  -P 5

In response to ww
Andrew3
Conversationalist
Monday
Monday

Andrew3_0-1743429068107.png

Andrew3_1-1743429096942.png

 

 

with 5 streams not much difference

0 Kudos
Mloraditch
Kind of a big deal
Monday
Monday

Have you tried connecting a test computer directly to the ISP at each site and running iPerf? While the firewall and everything involved adds some overhead it could be as simple as that throughput isn't possible between the two ISP connections.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
Monday
Monday

I think you should be getting more throughput than you are.

What speed are your Internet connections at each end?

Is it an MX95 at each end?

 

We need to validate your testing methodology.

  • If you run Iperf to the same host using 127.0.0.1 what do you get?  This sets the upper limit of what you can test.
  • If you run iPerf between two computers directly over your LAN, what throughput do you get?

 

Now that we know the limits of the testing system, we need to move onto the links.

 

You will need to plug a computer directly into each Internet connection (using a public IP address on each), and then do an iPerf.  Painfull, I know.  This will verify the bandwidth available over the Internet path.

 

I see different performance numbers in the sizing guide:

https://documentation.meraki.com/MX/MX_Sizing_Information/MX_Sizing_Principles

PhilipDAth_0-1743442422442.png

 

It's not uncommon to tune SMB to get it performing well.

https://learn.microsoft.com/en-us/windows-server/administration/performance-tuning/role/file-server/...

0 Kudos
In response to PhilipDAth
Andrew3
Conversationalist
yesterday
yesterday

As title mentioned i have 2 MX95 in 2 locations with 1gbit simetrical internet on both locations. 

127.0.0.1 

Andrew3_0-1743491689927.pngAndrew3_1-1743491701395.png

 

server in second location to vm that it hosts (10gb lan)

Andrew3_2-1743491729603.png

server in first location to physical server in first location

Andrew3_3-1743491803637.png

 

server in first location to vm that it hosts (25gbit lan)

Andrew3_4-1743491912985.png

 

I can't do that test unfortunately

"You will need to plug a computer directly into each Internet connection (using a public IP address on each), and then do an iPerf.  Painfull, I know.  This will verify the bandwidth available over the Internet path."

 

Both serves are identical Dell R7615 with 25gbit NICs each just 1 locations is on 25gbit network and second on 10gbit

 

another transfer test is still poor

Andrew3_6-1743492176715.png

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.