Recently we obtained a balance 380 and several hd2 series routers. The balance is set up in drop in mode and has an additional wan connection. The drop in lan port connects to a fortigate firewall. The primary route is set on the peplink. The route addresses the subnet of the internal lan and points to the external ip of the fortigate. The rule is set to allow internal access. In speed fusion the remote sites are able to access internal services at the headquarters location. We do have additional ip addresses on the wan 1 connection that is in drop in mode. I have not added them as additional wan side ip addresses, as currently the firewall is nat routing them to its dmz. Do I need to add them to the balance?
Anyway I am experiencing some pretty hard throughput issues.
The hd units primary internet connections will be cellular. I have one of the hd units connected with lte speeds, and it is able to get 40mg down and 30 mg up. Albeit through a speed test website. When the speed fusion vpn connects to headquarters, I am lucky if I can get a mg a second. When doing the internal speed fusion test, I get roughly 5 mgs to the balance unit. To zero out the firewall itself I have created an IPsec vpn on it, I can achieve 5 mgs a second from fortigate to fortigate. I have also enable tests to different interfaces on the firewall. The speed fusion configuration is set to use both wan connections on the balancer device. These connections are 10/10 and 5/5. They are point to point microwave connections. I can see that traffic is going through the wan interfaces but cant explain or seem to resolve the speed fusion connection to the lan side of the balancer.
I am hoping that someone has seen this before, or has an idea of where I can look.
I should add that there is no traffic shaping setup on either end. The balance is pretty much set up as default incoming and outgoing traffic. Other then a few rules blocking web traffic.