Hi
I have a new Sophos XG115 without any firewall rule besides the default one, with a basic license, default webfilters and no IPS activated. It is connected to a router and to a internal switch. Both interfaces have 1000 Mbps - Full Duplex Auto-negotiated. When I make a speed test I'm at around 30 Mbps Up and Down. But when I try to open a website, it takes 15 seconds or more. Before we set up the firewall it was much faster. Also over the old WLAN, who is not behind the firewall it is much faster as well.
Any idea what could cause that?
Hi Iferrara
Thanks for your reply!
No they didn't have a firewall before. They are very small and basically just wanted something to provide a seperated access to the internet in case they want to sublet a part of their office.
I updated the definitions from 8.x to 9.x. I will make some performance tests tomorrow.
Hi Nino,
please try running two speed tests from different devices at the same time. This might be just require disabling some of the IPS functions.
Also check you IPS -> DoS tab and see what results are displayed against which IPS function.
Ian
XG115W - v19.5 GA - Home
Test machine - Asus P10S-i E3-1225v5, 6gb, 4 intel NICs, v19.5 GA
If a post solves your question please use the 'Verify Answer' button.
Hi rfcat_vk
Thanks for your reply.
In DOS everything is disabled. And the other features only come with higher subscriptions as far as I know.
Best RegardNino
check dos attack and dos spoofing, they are seperate functions even though they might look the same.
ian
both of them are disabled
I checked everything for udpates. But unfortunately this didn't solve anything. I also tried to deactivate the AV and IPS Service but that didnt help too.
on the second screen shot, you have only shown the top part of the page, there are more settings below that might be having an effect.
Hi,I booted to the firmwarew SFOS 16.05.3 MR-3 which came preinstalled and here the performance is fine. So it seems there is a bug or something in the new version.
Hi Nino ,
It would seem that the issue with the negotiation which would lead to packet loss and would enable to retransmit the packets again. Since you are using 30mbps up/down stream I would recommend you to set to 100mbps Full duplex manually and check if that would improve the performance.
Another hint may be observed on the interface if there is an error or not.
Toggle 'u' two times to get this page and check if its 0 or not as per the screen shot.
Regards,
Aditya PatelGlobal Escalation Support Engineer | Sophos Technical SupportKnowledge Base | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'This helped me' link.