Re: Maximum throughput on a F5 SSL VPN session

Single stream TCP throughput is highly dependent on latency and TCP parameters. Try a simple ping test to see what the latency is. With low latency and the recommended settings, the SSLVPN speed should be within about 50% of whatever the link speed is.

 

To optimize it, generally we recommend:

 

1. Use DTLS instead of TLS (don't forget to create the 4433 UDP virtual).
2. Tune your clientside and serverside TCP parameters, using WAN and LAN optimized TCP on the virtual server.
3. For SMB networking, make sure you use a SMB2 filer. SMB1 makes lots of little partial requests.
4. For NetApp specifically (and probably other SMB too), make sure that you've disabled SNAT on the Network Access settings (not the vs, we're talking about the Network Access settings). It seems that NetApp is more sensitive to situations where the client is NATted, at least from our experience with support cases.