I have a situation that, I must admit, has me quite confused.
When using a commercial VPN server (TorGuard) I could not figure out why I was only getting 4% of my TCP connection download speeds when using a UDP connection.
I finally figured out that the cause of the problem was the Sophos UTM, specifically the UDP Flood Protection.
Not a problem really, as the UTM was doing what it was configured to do.
So, I figured I would simply add an exception for the UDP ports I was using to connect to the VPN server. That should resolve the speed issues, right?
I already had service definitions, both TCP and UDP, for the ports, along with a firewall rule to allow those ports (LAN > VPN Ports > Any)
I created a new exception (Network Protection > Intrusion Protection > Exceptions)
- I gave the exception a name
- Under Skip these checks I selected UDP Flood Protection
- In For all requests I selected Using these services and added the UDP service definitions of the specific ports
- I then saved and enabled the exception.
All pretty straightforward, but it had absolutely no effect on the download speeds of the UDP VPN connections.
I also tried selecting all of the options in Skip these checks but that had no effect either.
The next thing I tried was to create a DNS Host for the VPN server I have been connecting to and I added that into the exception rule
- coming from these source networks: VPN Server & LAN
- and going to these networks: VPN Server & LAN
- and using these services: UDP Ports
and
- coming from these source networks: VPN Server & LAN
- or going to these networks: VPN Server & LAN
- or using these services: UDP Ports
Neither of these additions had any effect, so I removed them.
I am obviously missing something here, but damned if I know what.
I should add... if I simply disable Use UDP Flood Protection in Network Protection > Intrusion Protection > Anti DoS/Flooding this resolves the speed issue.
Basically, the exception I created is just not working, but I don't know why.
I'm open to suggestions from the brains trust.