Advisory: Sophos Endpoint - "Your connection isn't private." We're aware of a certificate issue and are actively working to resolve it. Please see: KB-000045954 for the latest updates.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Extremely Slow Network Speed

I did some reading/searching but nothing really answered my question.

Im running a pair of SG125 UTM9 with 9.709-3 in HA Mode.

I recently upgraded my business internet from 10mbps/1mbps (yeah yeah I know), to 200mbps/10mbps via Spectrum Business. After the hardware change and account change however, I am only getting 25mbps/10mbps on my LAN from all devices wired or wireless -- fast workstation desktops to i9 laptops.  I then decided to hook a laptop via Cat5 1000gbit directly to the Spectrum modem to see what kind of speeds I was getting before the UTM9 firewall/LAN.  I was reliable getting 100+ mbps download and sometimes closer to 200mbps depending on which test I was using.  So the impasse/slowness is beyond the Spectrum modem.

When I called Spectrum they indicated their modem was only connected at 100mbit but I dont believe that because the connector on the modem end is giving an amber light. However the lights on the same cable going into the UTM9 WAN port is double green and no amber. I tried to determine what speed the UTM9 was connecting at -- I figured it was autonegotiate -- but it didnt seem to indicate anywhere in the WebAdmin. Just stated it supported 1000baset.  In any case even if its connecting at only 100baset, I should still be getting far faster speeds than 25mbps. And its never 26-27mbps. It hits 25 and basically hits the wall.

When I toggled off IPS, I could get 33-35mbps download but that's about it.  I have Network Protection and Email Protection licenses.  I also have some other things configured like SMTP profiles but they get very little traffic.

I need to do something to get my LAN connection speeds at least over 100mbps reliably because Im paying far too much to only get 25mbps of pipe.  What am I doing wrong and what can I do to try and fix?  Since I have Sophos support should I reach out to them so they can log in and poke around?

This thread was automatically locked due to age.
  • This is a rudimentary diagram of the network. Its pretty simple and just a home office network.  Only a couple users at any one time.  I do have some legacy IIS servers connected using those additional public IPs on the WAN NIC, but they get next to zero traffic. I dont even really use them anymore.  

    I checked my NIC speed on my wired PC and its says its connected to the office hub at 1.0gbit (though only green flashing lights on the modem end connection of this cable).   I then took an old laptop I had lying around that actually had a hardwired RJ45 port. I hooked that laptop DIRECTLY to the Spectrum modem and in front of all other hardware. I did a speed test and I get a lot of different results.

    For instance if I google and use the Spectrum online speed test I get about 25mbps download. However if I just google "internet speed test" and use the MLab test thats embedded into the google, I get over 200mbps.  I just tested these same two speed tests on my wired PC on the network and got about 25mbps on the Spectrum test and 70mbps on the MLab test.  I then tested them again on my Wireless AC laptop on the network and got 38mbps and only 1mbps upload.

    Again my business plan calls for 200mbps up and 10mbps down.

    The Spectrum engineer stated the Modem was only connected at 100bt. I dont know how to verify as I do not have access to log into the modem. The two CAT-5s going into the modem -- one for each SG125 in HA Mode, has amber lights on the modem connectors, but only a pair of green lights on each WAN connection going back to each SG125.

    I dont know how to verify that he SG125 end of the connections is set to gigabit (or how to set it).  This might be a part of the issue, but I don't think its the main hitch. Even if it were set to 100 megabit, I should still be getting reliable speeds close to that. Again this is not a high traffic network. Just me surfing and streaming and Im doing all my testing during no traffic periods.

    That I seem to get much better speeds using the MLab test on a wired laptop in front of the SG125s leads me to believe much of the bottleneck is SG125 related. Maybe not all of it, but it seems to be the dividing line between differing results.

  • Chris, this is a known problem...

    You can set the speed in the UTM on the 'Hardware' tab of 'Interface & Routing >> Interfaces'.  Charter needs to give you better support and set their interfaces to fixed gigabit instead of autonegotiate.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • I just set ETH0 and ETH1 to 1000BT/Full.  Those are my LAN and WAN ports. I see no improvement in speed.

    Still getting about 25mbps down and 8-10mbps up.

Reply Children
  • I'm curious to follow this as well, and just did the same thing on my UTM.  I have a 50/3 connection, and my downloads never reach more than 7.5mb. 

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • The modem's Ethernet interface must also be set to 1 Gps instead of auto-negotiate.  There's a known incompatibility between some SG hardware and some modems.  I first saw this several years ago when a client got a new gigabit fiber connection that came with a Cisco modem/router.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA