We have two sites connected over the internet , with an IPSEC vpn. There are ASAs on either side. The mtu has been hardcoded to 1500.
Is this bad? How much header size does IPSEC add to an ethernet frame? If regular ethernet frames are around 1518, what size are they after ipsec encapsulation?