Hi guys,
First post so please correct me if i’m not following proper procedures.
I have recently established a site-to-site IPSec VPN from a RB100AHx2 (RouterOS 6.32.2) to Microsoft Azure. The throughput should be 100Mbps, as stated by MS.
At first glance, everything seemed OK. Tunnel stays up, routing works both ways, ping works both ways with low and consistent latency. However, I soon experienced what appeared to be random slowdown of traffic. After a lot of troubleshooting I discovered that about half of all established TCP connections through the tunnel are a lot slower than the others.
I verified this by setting up an FTP server in Azure and transferring large files to it through the tunnel. FTP opens a new TCP connection on the data port each time a new file transfer is initiated. About half of all file transfers settle at 8-12MBps, the other half linger at around 1MBps.
Nothing is logged by ipsec, and CPU usage is low at all times.
I will contact MS about the issue, but since we’re using a Mikrotik router i expect little help from them.
Any ideas on how to figure this out?