IPSec VPN tunnel performance degrades to the point of unusability

Hello.


We have several site-to-site VPN tunnels to Microsoft Azure.  We recently installed a Sophos XG firewall, and have had problems with the VPN tunnels ever since.  The tunnels will perform fine for a while, but 2-3 times per day, the throughput will slow to a crawl.  We are unable to use RDP or SQL through the tunnels until I manually disconnect / reconnect the tunnel.

 

I am hoping that someone here has had a similar problem and knows how to fix it.  Sophos support has been unable to resolve the problem, and the ticket is still open.  I've attached screenshots of the relevant settings on the firewall.

 

Please help.  This is extremely annoying and is wasting my developers' time as they have to stop what they are doing and get someone to reset the tunnel.