I have a new Sophos XG115 without any firewall rule besides the default one, with a basic license, default webfilters and no IPS activated. It is connected to a router and to a internal switch. Both interfaces have 1000 Mbps - Full Duplex Auto-negotiated. When I make a speed test I'm at around 30 Mbps Up and Down. But when I try to open a website, it takes 15 seconds or more. Before we set up the firewall it was much faster. Also over the old WLAN, who is not behind the firewall it is much faster as well.
Any idea what could cause that?
Thanks for your response! I'll check on that at the next opportunity. But that will probably take some time. I will update this thread as soon as I have new information.
I used this information to verify I was not dropping packets or generating error (thank you for the tip), but I can't seem to get my display to not wrap the information:
How can I increase the width? Tried in SSH Client and via the Sophos Web Client.
can you share the output of this 2 commands:
ethtool -S "portname" (both WAN and LAN)
I had the same issue where the download speed slows down when using the XG 105 firewall.
How I fixed the slow issue was to update the Firewall Rule used by LAN users.
Firewall -> Edit User/Network Rule -> Advanced, Intrusion Prevention -> set to None
I also had this issue as I moved from UTM to XG.
My problem/solution was that I had my WAN NIC set to auto negotiate and it auto-negotiated 100 Mbit halfduplex while I was paying for a 150 Mbit line.
I changed my interface to 1000Mbit fullduplex manually and now everything works as expected.
As far as i know, Support found the reason and is already working on a Patch. Would expect it for next MR Release.
FloSupport can you track this?
I have an XG105 with v17.5My internet connection (router) connects showing a speed of 68MB download, yet internally I only see max 40MB and usually around 30MB. Interface does connect at 1000MB Full Duplex and DOS UDP + TCP is off both directions. In Diagnostics Graphs, I can see the interface Max Receive has been 28.8MB, which sort of correlates with speed tests. Not good really.I am assuming that MR1 for v17.5 will be weeks away or more?
The fix will only apply for Separate zone Wireless networks.
If you have another issue with normal LAN interfaces or something like that, this needs to be split into another thread.
I was having the same issue. I disabled "Advanced Threat Protection", and now all is good.