I have a situation where I was trying to divide a couple of networks by adding a router in between them (Company LAN = 192.168.1.0/24 & Private LAN = 10.10.1.0/24). Originally my intention was to just set a firewall rule to allow all inbound traffic from the the Company LAN to the Private LAN. For what ever reason the firewall would only allow me to ping to the Private LAN gateway of 10.10.1.254, no further than that. I attempted to work with TP-Link support to resolve this, but after many wasted hours with them I decided to just throw in the towel and configure an IPsec VPN from the SonicWall to the TL-R600VPN across the Company LAN. The VPN works and passes traffic, but it never reaches even close to full speed, currently it is peaking at about 5-10 kbps.
A user in Oregon connects to the Company LAN via NetExtender SSL VPN to access the Private LAN.
I am not sure why these speeds are so low. I have tried to reduce the proposals down to P1: md5-des-dh1 & P2: esp-md5-des. None of proposal adjustments I have made have had any difference at all. I started at P1: sha1-aes256-dh2 & P2: esp-sha1-aes256.
The transfer speeds to the Company LAN are fine, it is only when we communicate with the Private LAN that I run into the bottleneck.
I need to either how to configured the IPsec VPN to work at full speed (20 ish mbps), or how to properly configure the TP-Link TL-R600VPN to allow traffic from the Company LAN to the Private LAN with routing or NAT.
I have made configurations like this in the past with SonicWalls and Cisco devices, but this device is giving me nothing but trouble trying to get it to respect my settings and work the way I expect it to.