Fri Dec 13, 2013 6:10 pm
That's hard to answer because Cisco doesn't have just one way to do IPSEC. All tunnels have some overhead and all tunnels have the potential to slow down a connection. IPSEC, as it relates to MikroTik, does perform differently on different Routerboards and with different RouterOS versions. We frequently use RouterOS 5.26 for IPSEC because it seems to be stable. When it comes right down to it, you are going to choose an IPSEC methodology, for whatever reasons are important to you, and then you are going to have to experiment until you find the right combination of hardware and software for what you need. There really is not a standard "one way" that works for everything.