HTTP scan downgrade the Wifi speed from M to K bits with iOS device

Hi Shunze,

what does the advanced settings tab show? Also what do you see in the IPS DOS tab?

Ian

As following.

As following.

Hi Shunze,

thank you for posting those details.

Next question is what is the model of the AP and are you using 2.4ghz or 5ghz if the Ap is capable of 5ghz?

Ian

All of them are AP55C.

Does this only occur on 1 AP or on all and which band. Do you have the power settings at 100% and the 40 for 2.4ghz and 80 for the 5ghz SSIDs?

What devices are you experiencing this on, phones, laptops or tablets?

Ian

All of AP have the same issue.

It impacts iPhone and MAC seriously, but slightly with Windows.

Hi Shunze,

I have my APs at the higher throughput setting. My experience with the AP55 and MAC and iPad is the take awhile to ramp up during downloads and do show very poor performance unless big file is moved.

Om 2.4ghz most devices idle at 72mb/s where as on 5ghz the MACs idea at 24mb/s with the wider bandwidth channels. Previously they idled at 6mb/s.The iphones on the other hand connect at about 300mb/s and quickly ramp to over 600mb/s just checking mail.

The w10 machines connects most of the time at over 300mb/s on a 5ghz SSID.

I hope this helps a little bit, but for any further digging you will have to wait until a support mod checks in or the product support team ring back.

Ian

I am having the _exact_ same issue. My configuration is identical with only two exceptions - I'm running AP100 and AP15 and do not have client isolation enabled.

I've tried every permutation of settings (on/off) but cannot resolve it. I get decent to great 'download' speeds (i.e. server on LAN -> Wireless client), but absolutely horrendous (kb/s) 'upload' speeds (i.e. Wireless client -> Server on LAN). Does not seem to matter the protocol - can replicate with CIFS, SCP, HTTP and HTTPS.

Does not matter the client - Asus AP (bridge mode); Dell / Windows 7480; New Macbook Pro; Macbook Air; iPhone; iPad; Surface Tablet ... they all exhibit the same behavior. 

Please advise! Perhaps instructions on how to 'downrev' AP firmware to something more stable.

Dear All,

Sophos has identified the issue was a bug.

The TSO should be off on ethtool.

TSO: TCP segmenation offload.

TSO is to offload TCP segmentation to NIC; CPU doesn't perform TCP segmentation anymore, to save CPU resource.

But when create virtual Wifi NIC (Separate Mode), the value is on.

That makes the issue happened.

Workaround as following,

Log on XG firewall SSH terminal using admin account. Once authenticated, you will be presented with the Sophos Firewall console menu.
Go to 5. Device Management > 3. Advanced Shell, and run the following commands
ethtool -K Rock_User tso off
ethtool -K Rock_User5 tso off
ethtool -K GuestAP tso off
ethtool -K GuestAP5G tso off

Shunze

FYI:

https://community.sophos.com/products/xg-firewall/f/firewall-and-policies/105207/slow-downloads-on-smartphones-connected-over-ap/390629#390629

https://community.sophos.com/products/xg-firewall/f/network-and-routing/108597/xg-firewall---wifi-mtu-nach-update-17-1-3/389386#389386

Same issue, not related to iOS

Sohpos knows the issue. but they didn't tell us which version of firmware will fix it.

No word for Sophos...

Hi ShunzLee,

I think I can see why my APs work "correctly" and some of the others don't. The failing setup appears to use virtual WIFI while mine are connected physically, if you understand what I mean?

Ian

Fixed spelling and word placement so sentences make sense.