crypto boost-tcp: how to use it

mMontana
mMontana Posts: 1,389  Guru Member
50 Answers 1000 Comments Friend Collector Fifth Anniversary
With ZLD 5.10 some "boost" of IPsec VPN was delivered to device which had it. So no USG40, USG40W, USG60, USG60W currently, but for USG20-VPN and USG20W-VPN.

How to sensefully use it?
  • Is it useful enable it on only one endpoint if the other one is not capable? Example: USG40 on client side, USG20-VPN on the server side, enable it only on server side could be useful?
  • Is it useful enable it the device is an L2TP server for roadwarriors connections?
Thanks for your time.

All Replies

  • CHS
    CHS Posts: 181  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    It looks only supprot in 5.10 firmware. The other models without 5.10 version.
    In Site-to-Site scenario, of cause it has to apply in both of devices.
    This command should works in all of VPN tunnel.(Not only site to site VPN)
  • mMontana
    mMontana Posts: 1,389  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Thanks @CHS, i had the same impression. But I'd love a statement from Zyxel representatives.
  • mjr
    mjr Posts: 26  Freshman Member
    First Comment Friend Collector Fifth Anniversary

    any updates for the activation of "crypto boost-tcp" in future releases?

  • DimSum
    DimSum Posts: 1
    First Comment Friend Collector
    edited April 2023

    With ZLD 5.10 some "boost" of IPsec VPN was delivered to device which had it. So no USG40, USG40W, USG60, USG60W currently, but for USG20-VPN and USG20W-VPN.
    How to sensefully use it?

    • Is it useful enable it on only one endpoint if the other one is not capable? Example: USG40 on client side, USG20-VPN on the server side, enable it only on server side could be useful?
    • Is it useful enable it the device is an L2TP server for roadwarriors Sonic exe connections?

    Thanks for your time.

    But how to turn it on?

  • mjr
    mjr Posts: 26  Freshman Member
    First Comment Friend Collector Fifth Anniversary

    https://support.zyxel.eu/hc/en-us/articles/4451699825938-Firewall-Increasing-Throughput-Speed-Boost-for-WAN-and-VPN

  • mjr
    mjr Posts: 26  Freshman Member
    First Comment Friend Collector Fifth Anniversary

    How to enable/disable the enhancement:

    To enable the enhancement by CLI command, use:

    Router(config)# crypto boost-tcp
    

     

    To disable the enhancement by CLI command use:

    Router(config)#no crypto boost-tcp
    

     

Security Highlight