We have 20+ Xg and XGS's deployed. We started pushing out the mentioned version updating from 18.5.3 MR-3 Build 408. The first 2 devices we updated had all kinds of VPN issues. Users could connect but the connection speed was garbage (less than 1mbps down). Was on the phone with support for over an hour. Finally they came back and said "after conferring with his colleagues there are issues with Version 19 we recommend you rollback". We did this and all the VPN issues were resolved.
FRUSTRATING to say the least. I have reached out to our Sophos Rep regarding this and updates moving forward but so far "Crickets"
Hello Jeremy,
Thank for the confirmation.
As the engineer mentioned in their last email, try disabling the IPsec acceleration from the console (5>4)of the Sophos Firewall.
console> system ipsec-acceleration…
I am also having issues, performance is VERY VERY slow after ugprading to 19.0.0 GA-Build317I had to roll back to 18.5.3 MR-3-Build408 (which resolved the issue).
Thank you for contacting the Sophos Community.
Just to confirm you’re the same user from Reddit that mentioned about Case ID 05337528?
Regards,
Yes
console> system ipsec-acceleration show
console> system ipsec-acceleration disable
Let us know by updating the ticket or this thread if this fixed the issue (if you are willing to move back to v19).
Hi Emmanuel,Will this be fixed or is this ipsec-acceleration function being deprecated?If engineers are working on a fix is there any time frame for a resolution or way to be kept informed on the status?Thanks,Martin
Actually IPsec acceleration is a new feature of V19.0.
__________________________________________________________________________________________________________________
We will try and test on a spare machine. But this seems like a "bandaid" if it does work. What is the fix moving forwared? Is this going to be addressed in the next release?
Sorry I forgot to type it in here, but yes this isn’t a solution only a workaround.
Ok So we have some more information. Both of the Box's that we updated to version 19 that had VPN issues were XGS's (116 and 126). We had also updated some XG's but those clients did not utilize VPN. We set up a VPN config on the XG's that were on Version 19 but did not have VPN configs already. Ran Speed tests and the speed was just fine (no work around). We had one other XGS that we had also Updated to 19 but also did not have any VPN configs on, so we never rolled it back. We tested on this box by setting up a IPSEC VPN config and connecting, the Connection was VERY SLOW. So we applied the "band aid fix" and speeds returned to normal! So as far as I can tell this issue ONLY effects XGS's NOT XG Hope this helps but would like clarification before continuing to roll out even on the XG's that we had not yet updated.
Thanks
We just rolled back one of our customers for the same reasons.
Mit freundlichem Gruß, best regards from Germany,
Philipp Rusch
New Vision GmbH, GermanySophos Silver-Partner
If a post solves your question please use the 'Verify Answer' button.