New IPSEC tunnel established into GGBLO (London) data center

IPSEC Firewall running on Fortigate 1500d router

Users reported that web pages were loading slowly, and downloads of large files were very slow to come down to browser

Simplified setup to add a workstation to same subnet as Fortigate router and saw same issue

Brought up seperate tunnel to Frankfurt data center and also saw slow performances

IPSEC Firewall running on Fortigate 1500d router

Disabled NPU flag to make sure that no ESP ingress or egress packets were offloaded to the NP processor.

For more details on Fortigate NP (Network Protection) processor settings, check out https://kb.fortinet.com/kb/documentLink.do?externalID=FD36203

Set npu_flag=00 on Fortigate VPN Firewall