05-19-2017 11:07 AM
I'll have to check the USG speed vs a local endpoint.
05-24-2017 09:11 AM - edited 05-24-2017 09:13 AM
@UBNT-jaffe I retested my connection and it's the same slow speeds. i can't take the "modem" out of the equation. what i meant by "modem" is the ONT for the fibre service on both ends.
client --> US-8 --> USG1 --> WAN --> USG2
both USG1 and USG2 are with the same ISP.
client is connecting to USG2 using L2TP.
i doubt it is an ISP problem because when i was using my other devices as the VPN server, the speeds were much higher, between 30mbps and 60mpbs.
separately, is there anyway to change the L2TP encryption from 3DES to AES?
06-10-2017 10:15 AM - edited 06-10-2017 11:40 AM
That's bad news, I'm new to ubiquity and was planing to replace my home net to unifi.started with my ap'S and that went well. Will now do my switches this week to. Wanted to exchange my mikrotik ccr1036 too but I get line speed on my 1/1G wan fiber and maxes out vpn.ac at around 800/800mb ipsec, this with no core above 30% util....
06-25-2017 01:37 AM
I am also very interested in the official "specs" on this, we are running 3 sites with USG4Ps as routers and using the site-to-site VPN I see roughly 60 mbit of VPN throughput. Icannot find anything in the specs sheets on VPN speeds that one could expect under "ideal" situations but this should be something people can / should be able to test right?
07-19-2017 10:31 PM - edited 07-19-2017 10:32 PM
Likewise, I am seeing poor performance on an L2TP remote user VPN.
Is there a published spec for what this should be? The 2016 post below by UBNT staff seems to indicate L2TP remote user does not use hw offload and is limited to 25mbps on the USG-Pro-4P. and even less on the 3P.
"if using L2TP/PPTP VPPN : max out at 25 Mbps on the remote access (CPU based processing)"
07-21-2017 12:16 PM - edited 07-21-2017 12:17 PM
The USG is meant for slinging packets first, everything else is secondary.
Other devices often have IPSec crypto hardware, the USG does not. The USG also has relatively anemic CPU compared to other devices (they hit the USG price point for a reason!).
If you want fast VPN, it will cost. TANSTAAFL
Your better off doing VPN on something other than your router/firewall anyway from a security and stability standpoint.
Having wifi problems? Take a look here first: https://help.ubnt.com/hc/en-us/articles/221029967-UniFi-Debugging-Intermittent-Connectivity-Issues-on-your-UAP
07-22-2017 07:15 AM - edited 07-22-2017 09:36 AM
Even if not expecting superspeed (but I've paid for some sort of lunch at least) I was expecting a bit more then the 5-10 Mbps, 15 if lucky, I get with remote user VPN PPTP. All wired connections. 5.5.19
Going the opposite route ( from a wireless connection in UniFi-network, USG,USW 48p and AC Pro) and ending at my cheap ASUS-router I get 30 Mbps with PPTP VPN.
UniFi network and my ASUS router sitting on same fiberconverter/switch on a 1 Gbps connection.
And when running Speedtest you can see that it's not a nice line, it's up and down in speed.
07-22-2017 09:34 AM - edited 07-22-2017 10:23 AM
If I connect from UniFi ( see above) via VPN in my ASUS-router on separate network , I can connect without problem to this site, Speedtest a.s.f.
If I connect from ASUS-router and via VPN in UniFi USG I can't connect to this site, not to Cloud Key, Speedtest a.s.f. It's a hit or miss or ... ?
Using same DNS-servers, ISP and fiber connection. And it's with same PC in both cases.
And I set remote user VPN PPTP according to simple instructions on YouTube, no special settings, Firewall or ...
07-24-2017 06:56 PM
Could you give us some insight in how you achieve 50 Mbps ?
Using GUI in 5.5.19 and 4.3.48 on USG. Not by json-file. SSH maybe.
If it's with Firewall or ..... that I'm missing something.
I only get 5-10 Mbps, a bit slow to my need, but 50 would be OK .
I have a 1 Gbps connection, so no problem there.
08-03-2017 03:31 AM - edited 08-03-2017 03:32 AM
But I'm using automatic setup and still just get these limited speed. And I guess so have all the othters done too.
So what have @UBNT-jaffe done to get 50 Mbs ?
08-04-2017 12:26 PM
I too am getting 11mbps down over L2TP IPSEC with USG at a 100mbps site
Would like Ubiquiti to address this and let us know if this is the max I can exepct from USG or if there is configuration that can improve speed
10-04-2017 01:47 PM
I also had a very low throughtput between two USGs (something about 2-3Mbit)
It helped me to re-enable IPSEC offloading on the USGs.
configure set system offload ipsec disable commit save exit reboot
configure set system offload ipsec enable commit save exit reboot
Now I can use about 8Mbit
10-06-2017 10:12 AM
10-06-2017 11:02 AM
USG pro 4 at default settings (offloading enabled)
IPsec S2S = 160-185 Mb/s
IPsec L2TP = 40 Mb/s - 60Mb/s
Tested using Iperf3 at defaults (over 5201 tcp)
Client - Macbook Pro (2016) using a USB to 1Gb/s adapter.
10.35.35.1 (Nats to 192.168.5.5)
Server - UAS running Ubuntu Server using a 10Gb/s copper connection
Pics of iperf3 testing (done today) over L2TP on the USG pro posted below:
10-06-2017 11:20 AM
Here's a test from speedtest.net from the L2TP client
This is going through double NAT, 3 routers, and 3 switches.
Actual pipe speed is 345Down/24Up Mb/s