Hi Edd,
Please answer the queries below for a better understanding of the issue:
+ Are you able to observe the spikes or drops when you initiate the ping from the egress interface of FW1 to the egress interface of FW2, which is connected to the 10Mbps line?
+ What is the result when the ping is initiated from the ingress interface of FW1 to the ingress interface of FW2?
+ Have you tested whether the communication between Domain Authentication and WINDOWS Server 2012 works fine without the VPN?
+ Check whether all the interfaces are configured for full duplex by the command: get int <interface name>, and also whether the switch ports are configured for full duplex or not.
+ Are you able to observe any VPN flaps or interface flaps in the <get event>?
+ What are the CPU levels on the firewall by the command: get perf cpu all detail?
+ Can you try changing the encryption algorithm to DES and check whether the performance improves or not?
Regards,
Rishi