Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 44 subscribers
  • Views 11311 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG reduced bandwith after time

Mathias Mühlbacher

Hello everyone,

I am using Sophos XG home version (17.0.6 MR-6) and having a strange behaviour of my WAN.

I am having a 250/25 mbit line at my local ISP which is working fine in general.

 

In general when running a bandwith test I get 230-240 Mbit down + 25 Mbit up - as expected.

But after a couple of hours/days my bandwith is reduced. The results varies from something below 1 Mbit and up to maximum bandwith.

I have contacted the support of my ISP and they told me that everything is fine. In addition to that I have also plugged a device direct to the WAN cable and got the full bandwith.

 

From my point of view my XG is slowing my bandwith down.

 

To resolve the issue I usually need to shutdown the firewall, power off the cable modem and restart both. Then I get my ordinary bandwith back.

 

To be honest: I do not have any glue why this is happening!?

 

In addition to that my XG also stops routing for some seconds. Meaning that I am not able to query any of my VLAN subnets.

So far I found nothing at the log files.

 

 

Does anyone has an idea how to start trouble shooting on that dilemma?

 

Regards,

Mathias



This thread was automatically locked due to age.
Parents
  • 0

    Hi Mathias,

    Sorry to hear about these issues you have been experiencing.

    For background information, how is your XG home firewall deployed? What does the resource usage of the XG look like when these strange issues occur?

    Florentino
    Director, Global Community & Digital Support
    Are you a Sophos Partner? | Product Documentation@SophosSupport | Sign up for SMS Alerts
    If a post solves your question, please use the 'Verify Answer' button.
    The Award-winning Home of Sophos Support Videos! - Visit Sophos Techvids
  • 0 in reply to FloSupport

    Okay so I get now 150 Mbit instead of 250 Mbit down - upload is still 25 Mbit.

    The resource usage is very low: 2 % CPU, 19 % RAM, 22 sessions

  • 0 in reply to Mathias Mühlbacher

    Hi Mathias,

    check the modem network setting and see if it will run auto or at least 1000mb/s full duplex, sounds like the modem is the weak point.

    Then check you IPS settings, disable the one with lots of hits, you can fine tune the IPS and build your own rule when you have identified the issue.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 EAP

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hello,

    You may run the command on console to check if there is any error on the interface that may have caused duu to negotiation issue.

    console > sh net interfaces

    Also for live error check you may go to 

    console > system diagnostics utilities bandwidth-monitor

    and enter 'u' twice

    You should get this table and ideally should be 0

    Bandwidth Monitor, (Sampling at every 0.500s), press 'h' for help

      -         iface                   Rx                   Tx                Total
      ==============================================================================
                Port4:            0.00 E/s             0.00 E/s             0.00 E/s
            Port3.502:            0.00 E/s             0.00 E/s             0.00 E/s
                Port1:            0.00 E/s             0.00 E/s             0.00 E/s
            Port2.503:            0.00 E/s             0.00 E/s             0.00 E/s
              GuestAP:            0.00 E/s             0.00 E/s             0.00 E/s
                Port3:            0.00 E/s             0.00 E/s             0.00 E/s
               vxlan2:            0.00 E/s             0.00 E/s             0.00 E/s
                reds1:            0.00 E/s             0.00 E/s             0.00 E/s
               wlnet1:            0.00 E/s             0.00 E/s             0.00 E/s
           vxlan2.101:            0.00 E/s             0.00 E/s             0.00 E/s
                   lo:            0.00 E/s             0.00 E/s             0.00 E/s
               ipsec0:            0.00 E/s             0.00 E/s             0.00 E/s
                 tun0:            0.00 E/s             0.00 E/s             0.00 E/s
                Port2:            0.00 E/s             0.00 E/s             0.00 E/s
                 imq0:            0.00 E/s             0.00 E/s             0.00 E/s
      ------------------------------------------------------------------------------
                total:            0.00 E/s             0.00 E/s             0.00 E/s

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Reply
  • 0 in reply to rfcat_vk

    Hello,

    You may run the command on console to check if there is any error on the interface that may have caused duu to negotiation issue.

    console > sh net interfaces

    Also for live error check you may go to 

    console > system diagnostics utilities bandwidth-monitor

    and enter 'u' twice

    You should get this table and ideally should be 0

    Bandwidth Monitor, (Sampling at every 0.500s), press 'h' for help

      -         iface                   Rx                   Tx                Total
      ==============================================================================
                Port4:            0.00 E/s             0.00 E/s             0.00 E/s
            Port3.502:            0.00 E/s             0.00 E/s             0.00 E/s
                Port1:            0.00 E/s             0.00 E/s             0.00 E/s
            Port2.503:            0.00 E/s             0.00 E/s             0.00 E/s
              GuestAP:            0.00 E/s             0.00 E/s             0.00 E/s
                Port3:            0.00 E/s             0.00 E/s             0.00 E/s
               vxlan2:            0.00 E/s             0.00 E/s             0.00 E/s
                reds1:            0.00 E/s             0.00 E/s             0.00 E/s
               wlnet1:            0.00 E/s             0.00 E/s             0.00 E/s
           vxlan2.101:            0.00 E/s             0.00 E/s             0.00 E/s
                   lo:            0.00 E/s             0.00 E/s             0.00 E/s
               ipsec0:            0.00 E/s             0.00 E/s             0.00 E/s
                 tun0:            0.00 E/s             0.00 E/s             0.00 E/s
                Port2:            0.00 E/s             0.00 E/s             0.00 E/s
                 imq0:            0.00 E/s             0.00 E/s             0.00 E/s
      ------------------------------------------------------------------------------
                total:            0.00 E/s             0.00 E/s             0.00 E/s

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
Unfiltered HTML