Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Very slow connection using pfsense to azure vm

    Scheduled Pinned Locked Moved General pfSense Questions
    azurevpnipsecslow throughput
    3 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      treepio
      last edited by

      I am currently experiencing great issues using pfsense ipsec to connect to azure.
      After having worked fine for a few months suddenly the connection is slow (a few kb/s) and unstable. Normal internet access is fine (100mb/s).
      If I use an ipsec vpn from a client pc, the slowness is still an issue.
      The site-to-site vpn also intermittently drops its connection entirely.

      Testing from the same client using another network (e.g. my phone's) the speeds are normal.
      The microsoft helpdesk already ruled out networking issues from their end as well.
      Does anyone have a suggestion to try?

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        So that's a mobile IPSec server on the same pfSense box that's also slow?

        Check if you have 'Asynchronous Cryptography' enabled in the advanced IPSec settings. Try disabling it and rebooting if you have.
        That would only have applied at an upgrade though.

        Steve

        1 Reply Last reply Reply Quote 0
        • T
          treepio
          last edited by

          After contact with microsoft helpdesk I found the solution for me.
          For future reference: I had to turn on mss clamping and set it to 1350. This is also in the advanced IPSec settings

          Maybe this settings was defaulted after an update? I wasn't the one who configured it in the first place, so I wouldn't know for sure.

          I made sure to match my settings to this document https://docs.microsoft.com/nl-nl/azure/vpn-gateway/vpn-gateway-about-vpn-devices

          @stephenw10 Thanks for the reply, I had this disabled already, but the pointer was appreciated

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.