This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Extremely Slow Upload Speed

I recently installed UTM 9 Essential Firewall in order to simply move my database server to its own NAT for security compliance.

Using Speedtest.net - The Global Broadband Speed Test on the database server:

- The download speed was fine (> 10 Mbps)
- The upload speed was extremely slow (

This thread was automatically locked due to age.

0 BAlfson over 11 years ago

Hi, Jon, and welcome to the User BB!

Start the following three Live Logs: Firewall, Intrusion Prevention and Web Filtering. Start an upload, and, if you see anything related in those logs, post a few lines here. If you want to post anything from the Firewall log, always get the corresponding lines from the full log file - the Firewall Live Log is the only log that has abreviated information.

Cheers - Bob
PS I've deleted your other thread that is a duplicate of this in a different forum.

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel
0 AZinNC over 11 years ago

Thanks Bob,

Also, if I didn't mention it before, this is the free version of UTM 9 Essential Firewall - does that have anything to do with it?

We don't have IPS or Web Filtering enabled at all - only the Firewall and NAT. I don't see any outbound traffic - could it be because we allow all outbound traffic? We only restrict which protocols that are allowed inbound (MSSQL, CIFS, LDAP, rsync, etc.).

I have attached a few lines of the live firewall log as well as the corresponding lines in the full firewall log.
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 11 years ago in reply to AZinNC

There are no performance caps, etc. on the Essential Edition... might want to check for Speed / Duplex mismatch. You can check for errors that are indicative of such a mismatch on your switch and / or ISP CPE equipment, can you can log into the Shell of the UTM and issue an ifconfig ethx command (where 'x' is the interface number you want to check)... look for excessive errors, collisions, etc. on that interface.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel
0 AZinNC over 11 years ago

I have attached the ifconfig results on both interfaces. They don't appear to have any errors or collisions. Do you see anything else that could be the issue?

Also, I am running this on a VMWare ESXi server. I had it running on a virtual switch without a vmnic assigned. During downtime overnight, I am going to move the Sophos VM and database to another virtual switch that hosts another network that is working fine. I will then restart the Sophos VM and see how that goes.

Do you have any other suggestions?
- ifconfig.PNG
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 11 years ago in reply to AZinNC

What kind of Virtual NICs do you have configured? VMXNET2 or VMXNET3 are recommended for best performance.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 11 years ago in reply to BrucekConvergent

If you using the prebuilt VM image, that may be part of the problem --- things may have changed (I haven't used it in a very long time) but the prebuilt image used to be made with NIC type "Flexible" which perform poorly.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel
0 AZinNC over 11 years ago

Yes, it is set to "flexible". I suppose that I should shut it down and change to either VMXNET2 or 3?
Cancel
Vote Up 0 Vote Down

Cancel
0 AZinNC over 11 years ago

That worked perfectly! Thank you for your help.
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 11 years ago in reply to AZinNC

You're welcome...

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Cancel
0 gabrielit over 6 years ago in reply to AZinNC

Hi, sorry to resurrect and old post, I just wanted to add that there is an option in UTM Essential firewall in Interfaces & Routing > Quality of Service (QoS): Here you can shape the bandwidth. I made some tests in the past, then I forgot about it, after some months I realized my upload bandwith was struggling. This could be of use fore someone else looking for help.
Cancel
Vote Up 0 Vote Down

Cancel