Community discussions

MikroTik App
 
HGSupport
just joined
Topic Author
Posts: 8
Joined: Thu Mar 16, 2023 9:53 pm

IPsec tunnel with Fortigate 60F Bandwith

Thu Mar 16, 2023 10:05 pm

Hello !

I will try to explain very well my issue.

I have created a IPsec tunnel between a Mikrotik HAP AX2 and a Fortigate 60F. I was able to make the full remote browsing works (The Mikrotik uses the internet connection of the Fortigate side).

My problem is : I have 1Gbs Fiber in the Fortigate side, and 600 Mbps in the Mikrotik side. When the tunnel is up, PC of my Mikrotik LAN can only reach 29 Dld/ 5 Mbs Upld maximum, so maybe I made something wrong.

I tried to change all encryption method to see any improvment, no luck,
I tried to up the tunnel from my home where I have only 40 Mb/s, and I have the same behavior, the maximum bandwith is 29 mb/s in download.

I checked that the Hardware acceleration is up and yes it is.

If someone have an idea of the root cause, It would be very appreciated.

Have a nice day
 
HGSupport
just joined
Topic Author
Posts: 8
Joined: Thu Mar 16, 2023 9:53 pm

Re: IPsec tunnel with Fortigate 60F Bandwith

Sun Mar 19, 2023 2:45 pm

Hello,

Anyone could help me on this?

I suspect to be a problem of the brand new model HAP AX2, I tried the same configuration with a RB2011UiAS (Without Hardware Encryption), and I've got 20Mb/s / 8Mb/s, I saw the connection a lot more stable, I have 95% of CPU witht this model at the opposite of the AX2 with 25% maximum, so maybe something is here.

Could you know a way to contact Mikrotik on this purpose?

Many thanks guys...
 
johnson73
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Feb 05, 2020 10:07 am

Re: IPsec tunnel with Fortigate 60F Bandwith

Sun Mar 19, 2023 7:07 pm

it looks like Mikrotik hardware acceleration is not working. Usually the speed is 27-29Mbit/s if the HW acc is not working. or for models that do not have this HW acc.
 
HGSupport
just joined
Topic Author
Posts: 8
Joined: Thu Mar 16, 2023 9:53 pm

Re: IPsec tunnel with Fortigate 60F Bandwith  [SOLVED]

Sun Mar 19, 2023 7:53 pm

Hello Johnson, I did a Fortigate upgrade from 7.0.10 to 7.0.11 after my second post, and now I have 230 / 350 Mb/s, I need to check next week if It's when all the users are connected to the main headquarter of the Fortigate that cause problem of bandwidth on the tunnels !

Many thanks for you answer !
 
johnson73
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Feb 05, 2020 10:07 am

Re: IPsec tunnel with Fortigate 60F Bandwith

Sun Mar 19, 2023 8:50 pm

hmmm...fortigate bug? Probably...
Thanks for the information!
 
HGSupport
just joined
Topic Author
Posts: 8
Joined: Thu Mar 16, 2023 9:53 pm

Re: IPsec tunnel with Fortigate 60F Bandwith

Tue Mar 21, 2023 6:12 pm

Indeed, I mounted the 4 HQ and all sites have 200/250 Mb/s without any problem at every part of the day.

The solution was the upgrade of the fortigates !

Have a nice day guys

Who is online

Users browsing this forum: eworm, Google [Bot] and 83 guests