Thread Info
  • State Verified Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 33 replies
  • Answers 1 answer
  • Subscribers 52 subscribers
  • Views 15416 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Connect - slow and freezing connections for SMB and RDP

lukg

I'm using Sophos XG 4500 v19 and we have noticed that connections to SMB servers when using Sophos connect remote access with default IPSEC profile are slow and unresponsive.

DoS protection is off  and we are not using traffic shaping.

Any Ideas ?



This thread was automatically locked due to age.
  • 0 in reply to emmosophos

    This helps with IPsec issues  - thanks a lot

  • 0

    Reply from technical support "the issue has now been resolved after disabling IPsec acceleration.

    Just for your information, there are no known bugs for IPsec acceleration in V19. Both firewall acceleration and IPsec acceleration are enabled by default and this is supposed to ensure increased performance in terms of IPsec."

  • 0 in reply to emmosophos

    Now IPSec runs without performance issues.

  • 0 in reply to emmosophos

    I can also attest that disabling ipsec-acceleration fixed SMB browsing/folder loading issues with a client running XGS2100 and Sophos Connect with IPSec VPN.

  • 0 in reply to emmosophos

    I am so glad I stumbled on this thread. I just spent the day pulling what's left of my hair out trying to figure out why SMB was almost unusable but other protocols were fine.. I did these steps and they seem to have done the trick

    Thanks!

    Jeff

  • 0 in reply to lukg
    lukg said:
    the issue has now been resolved after disabling IPsec acceleration.

    well, I hope that is not the long term "solution"...?

  • 0 in reply to emmosophos

    Is there any updates on this?

  • 0

    We are running XGS3300 SFOS 18.5.2 MR-2-Build380
    We are having SMB speed issues between on-prem firewall and Sophos virtual firewall running in Azure. Case #05611513

    Sophos support offered no troubleshooting when I asked them if this could be MTU size related since we are having issues with anything larger than 1378 bytes over the tunnel. They replied with the following:

    Access the Sophos Firewall console via SSH.
    Select 5. Device Management > 3.  Advanced Shell.
    Run the command: cish
    Run the command “ system ipsec-acceleration disable”

    I'm going to try this but it would be nice to know if we should do some troubleshooting first.

  • 0

    Hi Guys, I have a weird issue where my remote access users (Sophos Connect IPsec) are getting slow speeds all of them maxes out at 20mb up/down. We have a 1gb link at our offices and a lot of the users has at least 200mb connection

    We don't have any Qos or Traffic shaping configured and also no IPS 

    I have also disabled the ipsec-acceleration and the firewall-acceleration with no improvements 

    The ipsec one only helped for pages taking long to load.

    Has anyone come across this issue before? 

  • 0 in reply to CA VAN LOGGERENBERG​

    Yes I'm still dealing with this (or similar). Ours is faster (around 25-35mbs on average) with a 500mbs connection at the office and 70mbs at the client side. I'm on macOS and have been trying different vpn clients in case that's the issue. The built-in Mac client connects but dns doesn't work because MacOS won't allow me to adjust the service order of IPSEC (Cisco) for some reason. I can't get any other client app to establish a connection at all. Been checking back here for a while now hoping someone came up with something.

    I'd also like to know if, because of my 70mbs connection, if 25-35 as good as I should expect. Does IPSEC generally cut speed by half?

    Thanks,

    Jeff

Unfiltered HTML