Hi to all,
Let me tell about the config that I'm testing:
- Site A: XG 135 Rev 3 with Home Edition license. FTTH connection 1 Gbps symetrical. Network: 192.168.21.0/24
- Site B: XG 230 Rev 2 with Home Edition license. FTTH connection 300 Mbps symetrical. Network: 192.168.18.0/24
Both firewalls have the same versión: SFOS 19.0.1 MR-1-Build365
Followed this guide to config all: Create a route-based VPN (any to any subnets) - Sophos Firewall
Tunnel stablishes OK and I have full communication throught the tunnel between the two networks... but, when I make an iPerf3 test the results are horrible.
Ping between two servers throught the tunnel is OK: 7-8-9 ms.
The FTTH connections are PPPOE and I have configured and MTU value of 1492 in the WAN interface port in both firewalls.
I have tested different cryptographic algorithms but with the same results. Different profiles (Default Branch, Default Head Office, IKEv2, Default Branch - IKEv2, Default Head Office IKEv2, IKEv2 in both sides, test with RSA and shared passphrase key...).
I have also tested wih a value of 1400 MTU in the xfrm1 interfaces of both firewalls... Nothing... erratic communication with horrible results transfering a file of 1 Gb to a file server.
Let me put the results of the iPer3 test:
[ 4] local 192.168.18.240 port 56804 connected to 192.168.21.16 port 5201 [ 6] local 192.168.18.240 port 56805 connected to 192.168.21.16 port 5201 [ 8] local 192.168.18.240 port 56806 connected to 192.168.21.16 port 5201 [ 10] local 192.168.18.240 port 56807 connected to 192.168.21.16 port 5201 [ 12] local 192.168.18.240 port 56808 connected to 192.168.21.16 port 5201 [ 14] local 192.168.18.240 port 56809 connected to 192.168.21.16 port 5201 [ 16] local 192.168.18.240 port 56810 connected to 192.168.21.16 port 5201 [ 18] local 192.168.18.240 port 56811 connected to 192.168.21.16 port 5201 [ 20] local 192.168.18.240 port 56812 connected to 192.168.21.16 port 5201 [ 22] local 192.168.18.240 port 56813 connected to 192.168.21.16 port 5201 [ ID] Interval Transfer Bandwidth [ 4] 0.00-1.00 sec 2.50 MBytes 20.9 Mbits/sec [ 6] 0.00-1.00 sec 1.25 MBytes 10.5 Mbits/sec [ 8] 0.00-1.00 sec 2.12 MBytes 17.8 Mbits/sec [ 10] 0.00-1.00 sec 768 KBytes 6.28 Mbits/sec [ 12] 0.00-1.00 sec 2.25 MBytes 18.8 Mbits/sec [ 14] 0.00-1.00 sec 1.25 MBytes 10.5 Mbits/sec [ 16] 0.00-1.00 sec 2.38 MBytes 19.9 Mbits/sec [ 18] 0.00-1.00 sec 2.25 MBytes 18.8 Mbits/sec [ 20] 0.00-1.00 sec 640 KBytes 5.23 Mbits/sec [ 22] 0.00-1.00 sec 2.12 MBytes 17.8 Mbits/sec [SUM] 0.00-1.00 sec 17.5 MBytes 147 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 6] 1.00-2.02 sec 128 KBytes 1.03 Mbits/sec [ 8] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 10] 1.00-2.02 sec 0.00 Bytes 0.00 bits/sec [ 12] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 14] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 16] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 18] 1.00-2.02 sec 256 KBytes 2.06 Mbits/sec [ 20] 1.00-2.02 sec 128 KBytes 1.03 Mbits/sec [ 22] 1.00-2.02 sec 384 KBytes 3.09 Mbits/sec [SUM] 1.00-2.02 sec 2.12 MBytes 17.5 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 2.02-3.00 sec 384 KBytes 3.21 Mbits/sec [ 6] 2.02-3.00 sec 640 KBytes 5.35 Mbits/sec [ 8] 2.02-3.00 sec 0.00 Bytes 0.00 bits/sec [ 10] 2.02-3.00 sec 0.00 Bytes 0.00 bits/sec [ 12] 2.02-3.00 sec 0.00 Bytes 0.00 bits/sec [ 14] 2.02-3.00 sec 0.00 Bytes 0.00 bits/sec [ 16] 2.02-3.00 sec 2.38 MBytes 20.3 Mbits/sec [ 18] 2.02-3.00 sec 128 KBytes 1.07 Mbits/sec [ 20] 2.02-3.00 sec 2.38 MBytes 20.3 Mbits/sec [ 22] 2.02-3.00 sec 2.50 MBytes 21.4 Mbits/sec [SUM] 2.02-3.00 sec 8.38 MBytes 71.6 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 3.00-4.00 sec 2.12 MBytes 17.8 Mbits/sec [ 6] 3.00-4.00 sec 2.12 MBytes 17.8 Mbits/sec [ 8] 3.00-4.00 sec 384 KBytes 3.15 Mbits/sec [ 10] 3.00-4.00 sec 384 KBytes 3.15 Mbits/sec [ 12] 3.00-4.00 sec 384 KBytes 3.15 Mbits/sec [ 14] 3.00-4.00 sec 256 KBytes 2.10 Mbits/sec [ 16] 3.00-4.00 sec 2.88 MBytes 24.1 Mbits/sec [ 18] 3.00-4.00 sec 3.62 MBytes 30.4 Mbits/sec [ 20] 3.00-4.00 sec 3.00 MBytes 25.2 Mbits/sec [ 22] 3.00-4.00 sec 3.00 MBytes 25.2 Mbits/sec [SUM] 3.00-4.00 sec 18.1 MBytes 152 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 4.00-5.00 sec 128 KBytes 1.05 Mbits/sec [ 6] 4.00-5.00 sec 256 KBytes 2.10 Mbits/sec [ 8] 4.00-5.00 sec 0.00 Bytes 0.00 bits/sec [ 10] 4.00-5.00 sec 128 KBytes 1.05 Mbits/sec [ 12] 4.00-5.00 sec 128 KBytes 1.05 Mbits/sec [ 14] 4.00-5.00 sec 128 KBytes 1.05 Mbits/sec [ 16] 4.00-5.00 sec 256 KBytes 2.10 Mbits/sec [ 18] 4.00-5.00 sec 384 KBytes 3.14 Mbits/sec [ 20] 4.00-5.00 sec 256 KBytes 2.10 Mbits/sec [ 22] 4.00-5.00 sec 256 KBytes 2.10 Mbits/sec [SUM] 4.00-5.00 sec 1.88 MBytes 15.7 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [ 6] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [ 8] 5.00-6.01 sec 3.25 MBytes 27.0 Mbits/sec [ 10] 5.00-6.01 sec 1.25 MBytes 10.4 Mbits/sec [ 12] 5.00-6.01 sec 1.38 MBytes 11.4 Mbits/sec [ 14] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [ 16] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [ 18] 5.00-6.01 sec 5.38 MBytes 44.6 Mbits/sec [ 20] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [ 22] 5.00-6.01 sec 0.00 Bytes 0.00 bits/sec [SUM] 5.00-6.01 sec 11.2 MBytes 93.3 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [ 6] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [ 8] 6.01-7.00 sec 3.62 MBytes 30.7 Mbits/sec [ 10] 6.01-7.00 sec 2.62 MBytes 22.2 Mbits/sec [ 12] 6.01-7.00 sec 2.62 MBytes 22.2 Mbits/sec [ 14] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [ 16] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [ 18] 6.01-7.00 sec 5.88 MBytes 49.7 Mbits/sec [ 20] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [ 22] 6.01-7.00 sec 384 KBytes 3.17 Mbits/sec [SUM] 6.01-7.00 sec 17.0 MBytes 144 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 7.00-8.00 sec 128 KBytes 1.05 Mbits/sec [ 6] 7.00-8.00 sec 128 KBytes 1.05 Mbits/sec [ 8] 7.00-8.00 sec 384 KBytes 3.16 Mbits/sec [ 10] 7.00-8.00 sec 256 KBytes 2.10 Mbits/sec [ 12] 7.00-8.00 sec 256 KBytes 2.10 Mbits/sec [ 14] 7.00-8.00 sec 128 KBytes 1.05 Mbits/sec [ 16] 7.00-8.00 sec 128 KBytes 1.05 Mbits/sec [ 18] 7.00-8.00 sec 384 KBytes 3.16 Mbits/sec [ 20] 7.00-8.00 sec 0.00 Bytes 0.00 bits/sec [ 22] 7.00-8.00 sec 128 KBytes 1.05 Mbits/sec [SUM] 7.00-8.00 sec 1.88 MBytes 15.8 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 6] 8.00-9.00 sec 128 KBytes 1.05 Mbits/sec [ 8] 8.00-9.00 sec 3.00 MBytes 25.1 Mbits/sec [ 10] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 12] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 14] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 16] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 18] 8.00-9.00 sec 0.00 Bytes 0.00 bits/sec [ 20] 8.00-9.00 sec 1.12 MBytes 9.42 Mbits/sec [ 22] 8.00-9.00 sec 384 KBytes 3.14 Mbits/sec [SUM] 8.00-9.00 sec 4.62 MBytes 38.7 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ 4] 9.00-10.00 sec 512 KBytes 4.18 Mbits/sec [ 6] 9.00-10.00 sec 1.88 MBytes 15.7 Mbits/sec [ 8] 9.00-10.00 sec 4.38 MBytes 36.6 Mbits/sec [ 10] 9.00-10.00 sec 384 KBytes 3.14 Mbits/sec [ 12] 9.00-10.00 sec 0.00 Bytes 0.00 bits/sec [ 14] 9.00-10.00 sec 384 KBytes 3.14 Mbits/sec [ 16] 9.00-10.00 sec 512 KBytes 4.18 Mbits/sec [ 18] 9.00-10.00 sec 512 KBytes 4.18 Mbits/sec [ 20] 9.00-10.00 sec 2.88 MBytes 24.1 Mbits/sec [ 22] 9.00-10.00 sec 2.25 MBytes 18.8 Mbits/sec [SUM] 9.00-10.00 sec 13.6 MBytes 114 Mbits/sec - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth [ 4] 0.00-10.00 sec 6.38 MBytes 5.35 Mbits/sec sender [ 4] 0.00-10.00 sec 6.15 MBytes 5.16 Mbits/sec receiver [ 6] 0.00-10.00 sec 6.88 MBytes 5.76 Mbits/sec sender [ 6] 0.00-10.00 sec 6.70 MBytes 5.62 Mbits/sec receiver [ 8] 0.00-10.00 sec 17.4 MBytes 14.6 Mbits/sec sender [ 8] 0.00-10.00 sec 17.1 MBytes 14.4 Mbits/sec receiver [ 10] 0.00-10.00 sec 5.75 MBytes 4.82 Mbits/sec sender [ 10] 0.00-10.00 sec 5.63 MBytes 4.72 Mbits/sec receiver [ 12] 0.00-10.00 sec 7.25 MBytes 6.08 Mbits/sec sender [ 12] 0.00-10.00 sec 7.06 MBytes 5.92 Mbits/sec receiver [ 14] 0.00-10.00 sec 2.75 MBytes 2.31 Mbits/sec sender [ 14] 0.00-10.00 sec 2.59 MBytes 2.17 Mbits/sec receiver [ 16] 0.00-10.00 sec 9.12 MBytes 7.65 Mbits/sec sender [ 16] 0.00-10.00 sec 8.90 MBytes 7.46 Mbits/sec receiver [ 18] 0.00-10.00 sec 18.8 MBytes 15.7 Mbits/sec sender [ 18] 0.00-10.00 sec 18.6 MBytes 15.6 Mbits/sec receiver [ 20] 0.00-10.00 sec 10.8 MBytes 9.01 Mbits/sec sender [ 20] 0.00-10.00 sec 10.6 MBytes 8.86 Mbits/sec receiver [ 22] 0.00-10.00 sec 11.4 MBytes 9.54 Mbits/sec sender [ 22] 0.00-10.00 sec 11.2 MBytes 9.43 Mbits/sec receiver [SUM] 0.00-10.00 sec 96.4 MBytes 80.8 Mbits/sec sender [SUM] 0.00-10.00 sec 94.6 MBytes 79.3 Mbits/sec receiver iperf Done.
Can you help me please? The XG 135 Rev 3 declare a IPsec throughput of 1,700 Mbps and the XG 230 Rev 2 a IPsec throughput of 2,100 Mbps.
Thanks in advance.
Best regards.
This thread was automatically locked due to age.
