
PPPoE connection on XGS 2100 SFOS 19.0.0 GA-Build31 - slow page loading

Hi, 

I have a problem with a PPPoE connection which I don't know how to solve.

MTU 1492

MSS 1452

no web policy

no ips

no DoS

tried changing the port (on port 2 the connection was terrible)

The problem is that pages load slowly: after I press "enter" on a URL, nothing happens for 10 seconds and then it starts looking for the page. I checked on multiple PCs, different browsers, and directly plugged into the LAN port (without other clients). Internet speed is about 200 Mbps faster on the ISP equipment. Behind the XG I get around 350 download and 200 upload.

Maybe this has something to do with DNS, but I don't know how to troubleshoot it.

Thanks. 

Carlo



  • I always get the same public IP. It is bound to the MAC of the WAN interface. It is set as the Preferred IP in the network-port2-pppoe settings.

  • Hi Carlo 

    The logs are not showing proper information.

    Below are the logs for a completed three-way handshake:

    console> tcpdump 'host central.sophos.com
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes


    19:54:08.884274 PortA, IN: IP 172.16.16.19.62523 > 54.77.73.158.443: Flags [SEW], seq 4023372657, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    19:54:08.885725 PortB, OUT: IP 10.0.3.13.62523 > 54.77.73.158.443: Flags [SEW], seq 4023372657, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
    19:54:09.043715 PortB, IN: IP 54.77.73.158.443 > 10.0.3.13.62523: Flags [S.], seq 3930167411, ack 4023372658, win 26883, options [mss 1412,nop,nop,sackOK,nop,wscale 8], length 0
    19:54:09.044316 PortA, OUT: IP 54.77.73.158.443 > 172.16.16.19.62523: Flags [S.], seq 3930167411, ack 4023372658, win 26883, options [mss 1412,nop,nop,sackOK,nop,wscale 8], length 0
    19:54:09.045283 PortA, IN: IP 172.16.16.19.62523 > 54.77.73.158.443: Flags [.], ack 1, win 1025, length 0
    19:54:09.045668 PortB, OUT: IP 10.0.3.13.62523 > 54.77.73.158.443: Flags [.], ack 1, win 1025, length 0
    19:54:09.048375 PortA, IN: IP 172.16.16.19.62523 > 54.77.73.158.443: Flags [P.], seq 1:518, ack 1, win 1025, length 517
    19:54:09.049676 PortB, OUT: IP 10.0.3.13.62523 > 54.77.73.158.443: Flags [P.], seq 1:518, ack 1, win 1025, length 517

    Can you regenerate the logs and share the output showing that the three-way handshake is getting completed, as well as what MSS value is getting hit on the firewall?

    Thanks 

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.
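To answer the question asked in the post above (is the three-way handshake completing, and which MSS is seen on the firewall), the capture can be summarised per flow. This is an added example, not part of the original thread or any Sophos tooling; it assumes the tcpdump line format shown above, and the WAN port name (`PortB`) and WAN MTU (1492, the PPPoE value from the first post) are parameters chosen for illustration. The sample lines are copied from the capture in the post above.

```python
import re

LINE = re.compile(r"^\S+ (\w+), (IN|OUT): IP (\S+) > (\S+): Flags \[([^\]]+)\](.*)$")
MSS = re.compile(r"\bmss (\d+)")

# Four lines taken from the capture in the post above (one LAN-side, three WAN-side).
SAMPLE = """\
19:54:08.884274 PortA, IN: IP 172.16.16.19.62523 > 54.77.73.158.443: Flags [SEW], seq 4023372657, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:54:08.885725 PortB, OUT: IP 10.0.3.13.62523 > 54.77.73.158.443: Flags [SEW], seq 4023372657, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
19:54:09.043715 PortB, IN: IP 54.77.73.158.443 > 10.0.3.13.62523: Flags [S.], seq 3930167411, ack 4023372658, win 26883, options [mss 1412,nop,nop,sackOK,nop,wscale 8], length 0
19:54:09.045668 PortB, OUT: IP 10.0.3.13.62523 > 54.77.73.158.443: Flags [.], ack 1, win 1025, length 0
"""

def analyse(capture, wan_port, wan_mtu):
    """Return per-flow handshake state and MSS values as seen on the WAN port."""
    limit = wan_mtu - 40  # 20-byte IPv4 header + 20-byte TCP header, no options
    flows = {}
    for raw in capture.splitlines():
        m = LINE.match(raw.strip())
        if not m or m.group(1) != wan_port:
            continue  # not a packet line, or seen on another interface
        _, direction, src, dst, flags, rest = m.groups()
        found = MSS.search(rest)
        mss = int(found.group(1)) if found else None
        # Key each flow as (client, server) regardless of packet direction.
        key = (src, dst) if direction == "OUT" else (dst, src)
        f = flows.setdefault(key, {"syn_mss": None, "synack_mss": None,
                                   "synack_seen": False, "established": False})
        if "S" in flags and "." not in flags and direction == "OUT":
            f["syn_mss"] = mss                  # SYN leaving the WAN port
        elif "S" in flags and "." in flags and direction == "IN":
            f["synack_seen"], f["synack_mss"] = True, mss
        elif flags == "." and direction == "OUT" and f["synack_seen"]:
            f["established"] = True             # final ACK of the handshake
    for f in flows.values():
        f["limit"] = limit
        # A SYN MSS above MTU-40 on the WAN side means no clamping was applied.
        f["syn_exceeds_limit"] = f["syn_mss"] is not None and f["syn_mss"] > limit
    return flows

if __name__ == "__main__":
    for flow, info in analyse(SAMPLE, "PortB", 1492).items():
        print(flow, info)
```

A flow with `established` false points at a handshake problem; `syn_exceeds_limit` true means the SYN left the WAN port advertising an MSS larger than the configured MTU allows.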

  • When I run the command from the shell, nothing happens.

    XGS2100_RL01_SFOS 19.0.0 GA-Build317# tcpdump host central.sophos.com
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
    
    ^C
    0 packets captured
    536 packets received by filter
    528 packets dropped by kernel
    

  • Hi Carlo 

    Follow the step below or use option 4:

    XGS2100_RL01_SFOS 19.0.0 GA-Build317#cish 

    console> tcpdump 'host central.sophos.com

    Thanks 

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • Same result:

    Sophos Firmware Version SFOS 19.0.0 GA-Build317
    
    console> tcpdump 'host central.sophos.com
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
    ^C
    0 packets captured
    75 packets received by filter
    67 packets dropped by kernel
    

  • It looks fine to me. I guess we cannot give proper support from this perspective. You should create a support case, so somebody can investigate this matter on your appliance.

  • Hi Carlo

    What about Google.com?

    Are you getting the same result?

    Thanks

    "Sophos Partner: Networkkings Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

  • Hello Carlo,

    Did you ever try to lower the MTU to a much lower value, like 1280 and MSS = 1272, then?

    Can you run this as a test, but please do a restart of the FW before.

    Kind regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hi, I did not try to set that low a value. I am currently working with support on this issue. I did not get a solution from them yet, but when I set up an internal DNS server everything works as it should, even with the default 1500 MTU. All my problems are related to DNS and name resolution.