I own two XG230 in HA with fw 18mr3, since I switched from MR1 to MR3 the speed of vpn is much improved (from 12mb to 60/70mb).
VPN is configured as ssl tcp on port 8443 with comp enable
The wan it's fiber 100/100,since I have updated the firmware I saw a drop in speed during the day even until late in the evening, arrive at an upload of 0.5mbs and download of 7mb, even if the wan was not saturated or overloaded
Thr test it's in SSL TCP except the highlighted one I did in IPsec
Early this morning I did the test between TCP and UDP
I can't understand what it could be
maybe the BUG ID it's NC-62448 -Core dump on Snort
and my case it's 03271059
I think I'm missing something here, can you not just use UDP as the performance seems better configured as such (and last time I checked, recommended by Sophos for performance)?
worlds number one free ICMP monitoring platform: https://pinescore.com
To use UDP I should have all users download the modified file.Up to August I was using a UTM v9 230 in TCP and I never had any problems
Actually, if you have Sophos Connect, the client will do this for you. The SC2.0 Client will notice the change on the XG and popup a resync with XG firewall on all enduser clients.
but I have to use the .pro file and not the .opvn file, right?
That is correct. You need to push out the .pro file to the users. Use GPO. This .pro file is the same file on all users. Simply push it to the sophos connect folder (Import). C:\Program Files (x86)\Sophos\Connect\import