Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 28 subscribers
  • Views 1189 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF rule in 18.5.1 with Authentication Form with Passthrough is slow

juergenb52

Hi,

we had a WAF Rule with Authentication and a Form with Passthrough for a internal Webserver.
This rule was fine and performace for external users was ok.

Internal Webserver is Windows 2019,

After Migration to  18.5.1 the access to the interal server is realy slow.
Loading of pages takes very long.

We use the same WAF Rule with Authentication and a Form with Passthrough as before.

Can anyone help to find some hint´s why this seems so slow now?

Where can i start (logfiles, etc.)?

Thanks

Jürgen



This thread was automatically locked due to age.
  • 0

    Has anyone an idea why this thing is slow?

    I am waiting for  2 Month now, to get Sophos Support...

  • 0 in reply to juergenb52

    Try to move to ZTNA and see, how this can be done in the future. Assuming this will actually resolve all your issues. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    With XG 17.5 and Windows 2016 Performance was fine.
    We have these problems after upgrading SFOS...

  • 0 in reply to juergenb52

    I am not aware of any kind of limitations of the WAF. Sounds like a AD Backend issue. 

    But still you could take a look at the ZTNA Gateway. It eventually will replace everything (VPN/WAF) in some years. 

    __________________________________________________________________________________________________________________

  • 0

    Hello Juergen ,

    There can be 2 reasons for this to happen,

    • It could be because of authentication token exchange between Sophos firewall and authentication server .
    • The WAF/Authentication service may be having high number of incoming connection , due to which this there is is delay in communication.

    In this case , we would need reverseproxy.log and access_server.log in debug . All you have to do is to provide both this logs by recreating the issue .

    DM me in case if you need anymore information for this .

    Thanks ,

    Gunjan Bhatt

    Ex-Sophos Support

    Cisco Email, Firewall & Web security Expert

Cookie Information Banner