Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Subscribers 6 subscribers
  • Views 11510 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9 Software appliance slow download/upload speeds

Liquid Spook

Hey Guys, just wanted to see if you could point me into the right direction. I have a software appliance running on a Hyper-V server windows 2010 with 15G or RAM and 512GB of disk. Nothing else runs on it. The machine is strictly dedicated to UTM9.

When I fist build it, the speeds were just fine 200Mbps/200Mbps. No major changes, beside some NAT rules for port forwarding that were made. I've also disabled them later during the testing with the same results.

Recently the speeds dropped to 10/20Mbps. I've connected my laptop directly to ISP router and was able to regain 200/200 speeds.

I've read a few post in Sophos communities, but still no luck. I've disabled all types of network protections, Anti-DDoS, web filtering, anti-portscan...etc but nothing has changed.

The hardware performance are steady at CPU=8%, RAM=10-15%, Log Disk=1%, and Data Disk=7%. All the hardware resources (windows machines) all dedicated to UTM.

I checked the Interface settings, under advanced and all set to 1000Mbps respectfully.

The windows Machines NIC's all set to 1Gb under hardware performance.

Everyone's help is greatly appreciated. 



This thread was automatically locked due to age.
Parents
  • +1

    Hey LS - welcome to the UTM Community!

    The Realtek NICs are a known no-no with the UTM (see #7 in Rulz), but I would have expected Hyper-V to prevent that.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Thanks Bob; Would you of a recommended vendor or a practice for the NIC settings?


    Appreciated.

  • 0 in reply to Liquid Spook

    In addition to the info in #7, check out the last two pages of the "Unofficial HCL" thread pinned to the top of the Hardware forum.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Updating to the latest Zotac firmware didn't resolve.

    Bob - if I save my configuration, would I be able to restore it to another machine later?

    IE, if I replace the Zotac with a different appliance with Intel NICs, would that configuration work on it?  I'm not sure if the export is just app configuration settings, or it stores anything specific to the hardware it is installed on...

    Thanks.

  • +1 in reply to RobertBurri

    Figured it out, as posted on a Zotac specific thread as well (https://community.sophos.com/products/unified-threat-management/f/hardware-installation-up2date-licensing/108219/anyone-using-a-zotac-box-ci327/390330#390330)

    My throughput issue is not related to Sophos or a recent firmware update. Good for Sophos, bad for Zotac and me unfortunately. 

    So my recommendation is to test your hardware outside of the Sophos VM, and see if you can get full speed there.  If not, your Realtek NIC could be failing.  That is what I've now proven on my Zotac, a hardware failure.  I could not get full speed in three different scenarios on the Zotac (see thread).  

    I'm now in the market for a new hardware appliance. 
    And per my question before, if I can just restore from the backup I have downloaded, I will do that. If not, I'll be comparing UTMs again.

  • 0 in reply to RobertBurri

    You can restore a configuration backup from non-Sophos hardware to any other non-Sophos hardware.  With Sophos hardware, if moving from an SG 210 to an SG 230, for example, a license for a 230 must be applied after the restore.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to RobertBurri

    interesting; I'll have to test my NIC. it's possible it might have gone bad, since I did not buy it new and rather used an old one from my other PC. Thanks.

     

    I actually been talking to Sophos support and they have taken an interest in this case. I tried a few suggested alteration without success. They are looking to get into my system and collect data. 

    I'll keep everyone posted once I complete this task. 

Reply
  • 0 in reply to RobertBurri

    interesting; I'll have to test my NIC. it's possible it might have gone bad, since I did not buy it new and rather used an old one from my other PC. Thanks.

     

    I actually been talking to Sophos support and they have taken an interest in this case. I tried a few suggested alteration without success. They are looking to get into my system and collect data. 

    I'll keep everyone posted once I complete this task. 

Children
No Data
Unfiltered HTML