How to disable UDP Flood Scan for VPN traffic?

Hi,

Clients in our network will need to use OpenVPN and/or WireGuard clients to connect to the outside world. Unfortunately this traffic is regarded as a UDP flood and bandwidth from VPN clients drops to 2 Mbps. I found in the UTM settings that it is possible to define exceptions. I did so for outgoing traffic. I just added destination ports, protocol and source networks, but this only covers half of the problem, because incoming traffic is still considered a UDP flood. Any ideas how to except incoming traffic only for UDP VPN? I don't want to completely disable UDP flood detection.

cheers



  • Hello,

    you can define exceptions here:

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.



    Typo corrected
    [edited by: jprusch at 10:18 AM (GMT -7) on 7 Jul 2022]
  • Yes, I know where to insert exceptions, but as I wrote in my initial post, this covers only one direction, namely outgoing from client to UTM.

  • What is so unclear in "Coming from these source networks"? You can use the VPN pool here.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • Hallo,

    Pictures of the Edits of the Exceptions would give us a clearer picture.  I'll guess that you didn't include responses.  For example, if you're using 1:65535->443, you also need to include 443->1:65535 in the Exception.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
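
Bob's point about reply traffic, shown as an added example that is not part of the original posts and is not Sophos code: a small model of per-packet exception matching on source network, service (source port range -> destination port range) and destination network. The stateless matching, the class and field names, the LAN range, the sample packets and the use of WireGuard's default port 51820 are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Service:
    """UDP service definition: source port range -> destination port range."""
    src: tuple  # (low, high)
    dst: tuple  # (low, high)

@dataclass(frozen=True)
class FloodException:
    """Hypothetical model of one flood-protection exception entry."""
    sources: tuple       # "coming from these source networks"
    services: tuple      # Service definitions
    destinations: tuple  # networks the packet is going to

    def matches(self, pkt):
        src_ip, sport, dst_ip, dport = pkt
        def in_nets(ip, nets):
            addr = ipaddress.ip_address(ip)
            return any(addr in ipaddress.ip_network(n) for n in nets)
        port_ok = any(s.src[0] <= sport <= s.src[1] and
                      s.dst[0] <= dport <= s.dst[1] for s in self.services)
        return (in_nets(src_ip, self.sources)
                and in_nets(dst_ip, self.destinations) and port_ok)

def exempt(pkt, exceptions):
    """True if any exception entry covers this packet."""
    return any(e.matches(pkt) for e in exceptions)

LAN, ANY = "192.168.10.0/24", "0.0.0.0/0"          # constructed networks
WG_OUT = Service((1, 65535), (51820, 51820))        # 1:65535 -> 51820
WG_BACK = Service((51820, 51820), (1, 65535))       # 51820 -> 1:65535

# Constructed packets: (src_ip, src_port, dst_ip, dst_port)
request = ("192.168.10.23", 40000, "203.0.113.7", 51820)
reply = ("203.0.113.7", 51820, "192.168.10.23", 40000)
stray = ("198.51.100.9", 53, "192.168.10.23", 40000)  # unrelated inbound UDP

outbound_only = [FloodException((LAN,), (WG_OUT,), (ANY,))]
both_ways = outbound_only + [FloodException((ANY,), (WG_BACK,), (LAN,))]

if __name__ == "__main__":
    for name, rules in (("outbound only", outbound_only), ("both ways", both_ways)):
        print(name, {"request": exempt(request, rules),
                     "reply": exempt(reply, rules),
                     "stray": exempt(stray, rules)})
```

With only the outbound entry the reply packet is still counted by flood detection; the mirrored service definition exempts it while unrelated inbound UDP stays subject to detection.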
  • I would start with defining only nets and not services; if that test is successful, you can refine further.

    Mit freundlichem Gruß, best regards from Germany,

    Philipp Rusch

    New Vision GmbH, Germany
    Sophos Silver-Partner

    If a post solves your question please use the 'Verify Answer' button.

  • That is not possible, because I do not know the VPN networks. We are not talking about the Sophos integrated VPN features. I need to make sure that visitors within our company are able to use their VPN clients without limitations resp. UDP flood detection.