Hi there

I think if you really want a free tool to test the BW, you can try googling for "iperf".

But for the VPN issue, it really depends on the type of vpn configuration you are setting. Based on the encrytion, there is a specific amount of over head we will need to add for the IPSEC header.

With that, you can pretty much calculate the MTU size you should set. In most cases, many customers have tried with 1350 or 1300. With those in general even with vpn overheads there will still be almost no fragmentation.

Hope this helps.

You can also use windows cmd prompt.  Ping across the vpn but with DF bit set (-f), then specify the size with -l:

     ping 1.1.1.1 -f -l 1300

The size you specify here is the ICMP payload size, so

1300 bytes  ICMP payload

      8 bytes  ICMP header

    20 bytes  IP header

--------------  -------------------

1328 bytes  Total (MTU).

Juniper firewalls calculate MTU based on total length specified in IP header.

You can use "get sa stat" on the firewall to see if there are any fragments sent/received.

Regards,