IPSec v1 extremely slow download speed on client
-
Following the pfsense documentation regarding IPSec v1 configuration (https://doc.pfsense.org/index.php/IPsec_Road_Warrior/Mobile_Client_How-To), I was able to get it configured and working for mobile clients. However, doing some speed tests shows that download speed for clients to be extremely slow. OpenVPN connection gets about 10+mbps but IPSec yields under 1mbps. Upload speeds are great though, faster than OpenVPN in some tests. I am not seeing anything configuration wise that could affect speed but I am very beginner when it comes to IPSec tunnels. Any suggestions would be appreciated.
-
https://doc.pfsense.org/index.php/Advanced_IPsec_Settings
"Enable MSS clamping on VPN traffic: Enable MSS clamping on TCP flows over VPN. This helps overcome problems with PMTUD on IPsec VPN links. If left blank, the default value is 1400 bytes. This is useful is large packets have problems traversing the VPN, or if slow/choppy connections are observed across the VPN. Ideally it should be set on both sides, but traffic will have MSS clamping applied in both directions."
Change for 1350 and test
-
No difference. I did try turning it on earlier and left it at 1400.
-
1400 is default value. Change for 1350 or 1300…
-
I did try 1350 as advised, no difference. 1300 also made no difference.