XG Home firewall is throttling my bandwidth. I was able to get ~900MB download on a speed test from my computer through the ISP modem (connected directly). When I was connected through my home router (wired) without the XG home firewall in the network I would get ~880MB download. When I put the XG firewall into the network I now get <300MB. I checked all the traffic shaping configurations that I could find, but I could never get it to where it should be. Is there any traffic shaping configuration that I missed or configured wrong? Thank you in advance for any assistance.
Protectli Vault FW2b
SFOS 18.0.6 MR-6-Build655
try after you turn off the IPS.
XG115W - v19.5.1 mr-1 - Home
If a post solves your question please use the 'Verify Answer' button.
Turned of IPS in the firewall rule. Still only have ~240MB download.
Not the rule, leave that on, I am talking about the IPS in the GUI.
Okay... Where is that located? I was looking for it, but could not find it. In the mean time I will turn it back on.
never mind that last response. I checked it and nothing is applied. When I looked at the actual policies, I disabled the LAN-WAN general, the general policy and the LAN-WAN strict. When I checked the speed, it dropped down to <200MB.
Please post your firewall rule.
I didn't know which part you wanted, so I captured these.
The rule looks okay, though I would tick log the traffic to assist with debugging the issue and try using the web proxy. Please describe your XG hardware.
What site are you using to perform your speedtest?
He mentions in the post "Protectli Vault FW2b" which has a J3060 CPU - a 5 year old, dual core 1.6ghz celeron processor.
I didn't realise that was his hardware.
Given my ISP provides me with 1GB bandwidth, what would be the best specifications for hardware to run the Sophos XG home firewall software? Would a Intel Celeron Processor J4125 Quad core 2.0 GHz be something that I need to look at?
What about Intel Celeron Processor J3160 Quad core 1.6GHz?
for home use the recommendation is the fastest CPU you can get without going above about i3, you don't need computational power. I use a XEON.
Okay, I understand. I am looking at the Intel Celeron J4125 processor.
If you wish to use your 1GB/s internet to the maximum for one user you will need lots of MHZ.
You mean the CPU? This one I'm looking at is 2.00 GHz.
yes, I mean CPU. You will also need to disable speedstep so the CPU is running at a reasonable speed when idle otherwise your throughput will suffer.
What does the CPU utilisation report when you run your tests on the existing hardware?
I have not looked at the CPU utilization report. I will have to do that later. As for disabling speedster? Is that a Sophos component in the XG software?
it was an auto correction function, speedstep in the bios.
I upgraded my Protectli Vault to the newest one, VP2410.
J4125 Quad Core up to 2.7 GHz with 8GB of RAM. I also installed a Samsung 256GB SSD.
I installed SW-18.0.1_MR-1-Build396-396 and currently have my computer connected to the LAN port and the WAN port connected to the ISP provided modem. Although I can get in to the firewall gui and make changes to the configuration, I can never get my computer to go out to the internet through the firewall. I am using it like a desktop firewall for my computer only. Any ideas as to why I have no luck getting out to the internet?
Thank you for any insight.
I found the problem with the install. I was making changes to the network configuration from the console once it booted up, instead of through the webgui. Now it is working fine.
I upgraded the Protectli Vault appliance to the VP2410. It has the J4125 Quad Core up to 2.7 GHz with 8GB of RAM. I also installed a Samsung 256GB SSD This was the answer.