Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 5 subscribers
  • Views 16392 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-site VPN upload issue

LeeHwa

Hi,

Currently I'm facing issue on the VPN upload speed.

- FTP upload to Web hosting, the upload bandwidth is 500kb/s-700kb/s.

- VPN upload to other branch Sophos XG, the upload bandwidth is 100kb/s-200kb/s only.

 

My side Sophos model is SG135/UTM9. The IPsec policy attached as below.

 

Any idea or advise on this?

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Lee, and a belated welcome to the UTM Community!  I see you've been here for over a year, but it's the first time I've been in a thread with you.

    I don't remember the details, but there's a vulnerability in AES 256, so I recommend the "AES-128 PFS" Policy.  That also should be much faster than your current IPsec encryption algorithm.  Depending on your hardware, compression can slow down throughput, so I agree that you should try with that off.

    Also as suggested above, you should try testing apples to apples.  FTP direct and then FTP through the tunnel to the same server.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Changed to the default AES-128 PFS Policy, the VPN connection is not working.

     

    The compression on/off method is not work, the upload speed still same.

     

    Will setup the FTP server on their side and test again.

Reply Children
  • 0 in reply to LeeHwa

    You must change the Policy on both ends - or did you mean that changing to AES 128 made no difference?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML