Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Active/Backup WAN setting option creates MAJOR Latency on Primary WAN Interface.

XG230 16.01.2

We have two WAN connections--PORT2(AT&T), PORT3(Newwave).  We are desire to remove traffic from PORT3 due to instablity of the connection. As well as trying to troubleshoot existing randon network issues.

So if I go to "Configure> Network> WAN Link Manager and attempt to edit and change to PORT 3 connection to TYPE=Backup.. then I get huge packet loss on my PORT2 connection.

 

We have removed every firewall rule from load balancing .. or using New wave as a Gateway.. yet we still have as much traffic per the graphs on PORT3 as PORT2 Not sure how to stop using NewWave without killing our traffic on ATT? Any ideas?



This thread was automatically locked due to age.
  • Aaron,

    From the screenshot both gateway are acting as active.

    Also make sure to invert the weight. Now traffic balancing is 100:1 for the port3.

    • thanks for replying.. i changed it to your suggestion and this was the result..

       

       

      ..... killed my connection until i put it back as my initial post showed.

      • Thanks for the screenshot.as you can see traffic stucks after your isp.

        What happen if you remove your backup gateway totally under wan link manager?

        Does it work?

        • I removed it.. still bad

          I rebooted .. still bad

          I removed HA(High Availablity) with PORT 3 unconfigured... GOOD.

          I configure PORT 3 without HA.... bad.

          I remove PORT 3 ..reboot with HA.. good for a little bit.. now bad.

          I turned off IPS.. because CPU was very high... back to ok.

          ... this is my bandwidth monitor on CLI of Sophos..

          PORT 1 = LAN PORT 2 is WAN.. How is so much traffic happing on PORT2 without it being coming from our LAN?

           

          • Aaron,

            I advice you to open a ticket with the Support and let us know.

            Thanks

            • Thanks i appreciate the input.

               

              Over the night...We have narrowed all the bad metrics to an email business access rule.

              Turn it on... things go bad quick..

              turn it off..things go good ..quick.

               

              now we will troubleshoot that rule to find the issue.

              • Aaron,

                Make sure you are using the latest version and open a ticket with support.

                Let us know the answer.

                Thanks