Meraki

Englenet

My hub has 1 gbps internet it has a mx75. I do get 1 gbs internet here. My spoke has 500 mbps internet with a mx75. If I have the site to site vpn off i do get 500mps. As soon as i turn site to site vpn on it reduces too 200 mbps. Meraki documentation says it should be able to get up to 1gbps. I have enterprise support and have spent countless hours on this. I really need a solution. if anyone can help.

thank you,

Mloraditch

Is the internet at your MX75 going out locally or are you running it through the VPN tunnel? If going through the VPN to the hub have you tried setting to go out locally?

What has support said?

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Englenet

It is running through a vpn tunnel. I will try locally. Meraki support has said its a known issue. That doesn't make any sense to me cause my other sites do not have this problem. I use MX75 on all my sites. I transmit large files.

Mloraditch

If they've identified a bug, I would believe them. You can ask them what version of code the bug appeared on and for a rollback to a version before it existed, but breaking out internet locally could definitely help.

Just because it doesn't exist at other sites doesn't mean anything, it could be caused by very specific conditions. I've seen bugs caused by specific devices. Annoying but possible.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

alemabrahao

This could be caused by several things.

What firmware version are you running?

Do you have IPS enabled? If so, try disabling it.

Also check if you are experiencing packet fragmentation and retransmission.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Englenet

MS 17.2.1 CS 17.2.1.1

IPS and AMP disabled.

i do not think i have fragmentation

RWelch

Video: Troubleshooting with Packet Capture

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

RWelch

As @Mloraditch and @alemabrahao have indicated, this can be due to various reasons.

MX Order of operation
1. Directly Connected (clients/devices)
2. Client VPN
3. Static Routes
4. Site-to-Site VPN
5. Non-Meraki VPN
6. BGP Routes
7. NAT-Default Route

Curious if you happen to have other clients/devices going out the Hub and Spoke as well to impact the results you are observing?

Troubleshooting MTU Issues can help you find if you have fragmentation issues.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Englenet

if i directly connect to mx on spoke with site to site vpn on i get 200 mbps with off 500 mbps. i have no ther vpn routes. the default route is to my hub

RWelch

Is there OTHER traffic coming in / going out of your HUB that might reduce its ability to get the 500mbps throughput? If the hub is servicing other spokes it could be a factor in your equation.

What is the PER CLIENT bandwidth limit set at for each MX?

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

Englenet

per client is set to unlimited. I only have one spoke. I have client vpn on our other site but no-one is there. the setup is they work out of different office everyday. I will need to go to site to site vpn eventually on the site that is a client vpn because route is going away.