Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 5 subscribers
  • Views 4817 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SG115 - Download Speed through Firewall way less than Direct Connection

Lindsay Donaldson

Hi there,

We recently upgraded to a SG115 from a UTM120.  The config was backed up and restored on to the new unit.  Last week we upgraded our Internet services from 25/5mb to 100/25.  We've confirmed the services are as promised by using a laptop directly connected to the ISP and the speedtest.net site.

When I do tests from the clients behind the firewall, the speedtests are only running at 30/30.  I used a Python script to do a speedtest from the shell of the SG115 and found that it shows the same speeds of 30/30.  I've turned off the Antivirus and scanning services, no change in speed.  I don't have QOS enabled.

 

I'm not sure what to check next, any ideas?  The SG115 hardware should more than support my connection.  We have an active Total Protect license on the unit.

 

Thanks,

Lindsay



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Lindsay, and welcome to the UTM Community!

    If you search here, you will find that the culprit is Snort - Intrusion Prevention.  Disable that and run your test again.  Even then, I don't think you'll get close to 100Mbps.  With Snort enabled, you might be able to fill the pipe with four simultaneous downloads to four different devices, but maybe not.  In any case, speedtest.py and the browser-based versions are all single-threaded, so the second core of the Atom in your 115 is not used by Snort.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hi, Lindsay, and welcome to the UTM Community!

    If you search here, you will find that the culprit is Snort - Intrusion Prevention.  Disable that and run your test again.  Even then, I don't think you'll get close to 100Mbps.  With Snort enabled, you might be able to fill the pipe with four simultaneous downloads to four different devices, but maybe not.  In any case, speedtest.py and the browser-based versions are all single-threaded, so the second core of the Atom in your 115 is not used by Snort.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML