We have two USG 300's, each connected to the Internet via 100Mbit/sec fiber. Each USG has a local subnet with 25-30 computers.
The USGs uses ipsec to connect the subnets. Everything works fine, but throughput is very low - about 4-8 mbit/sek.
Firewall and snat is used, no "extra" features are enabled.
So, we connected the USGs directly via a cat6 cable. Configured ipsec between them, and ended up with a 16 mbit/sek throughput. This is using ESP, and the results stays the same no matter which encryption we use.
If we use AH, we get 48 mbit/sek.
This seems very, very low. Does anyone have any hints or tips?