IPSEC site-to-site performance spoiled by IPS (UDP Flood), exception not working

Hi folks!

We have a site-to-site VPN via IPSec between an SG210 (600/40MBit) and an SG105 (70/25MBit) (both 9.705-3).

If I enable IPS UDP Flood Protection, (SMB) traffic through the tunnel drops to about 270 kB/s; if I disable it, it's about a good 3.5 / 2 MB/s, depending on direction.
I created an exception for the local networks and services IPSec, but that does not change anything.

The log does not show anything about UDP flood events. Any idea how to keep performance while having enabled the UDP flood protection?



This thread was automatically locked due to age.
  • FormerMember in reply to Reintke

    Hi,

    Could you please change the condition from "And" to "Or" and see if that helps? 

    Did you check logs on UTM to see if there are any packet drops? 

    Thanks,

  • Hi,

    I tried, but the UTM does not allow the combination of "or" with "any service". Additionally I would not like to use "or" for a whole network, since I think it would disable IPS for any source.

    The Firewall log does not show anything about IPS and/or UDP. Even the statistics show zero hits:

    Stay healthy!

    Frank