L2TP/IPsec concurrent connections

Hi All,

I realize that the answer to my question is "it depends", but I wanted to ask if anyone has done any testing to evaluate the maximum number of concurrent remote access L2TP/IPsec connections an SG UTM is able to handle. We have an SG230, HA pair, which the specs say can handle 2Gbit of VPN traffic, but is that site-to-site, remote access, or a combination of both? I'm expecting a spike in the number of users who will be working remotely and connecting to the VPN due to the COVID-19 concerns, and I'm hoping to be reasonably informed as to what type of load the UTM will be able to handle before it melts down.

Thanks!



This thread was automatically locked due to age.
  • Hey Darin,

    Bear in mind that each of those numbers represents a box that's only doing one thing.  Keep an eye on CPU usage and bandwidth usage.  You're right - "it depends."

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I don't know if there's a hard limit, but I think at some point too many people being on would eat up bandwidth to the point that it wouldn't be useful. We have a 200mbs Internet connection and this week have 15-20 people on and it's a struggle. We're mainly using SMB to share CAD files in Vectorworks, with multiple users writing and reading changes to central models throughout the day.

    I've spent the past couple of days testing out different things (SSL vs. L2TP, split tunnels, etc.) with anecdotal improvements at best. I just stopped UDP flood protection on port 4500 and it made at least MINE faster. Waiting to hear from others.

    Thanks,

    Jeff
