Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 1 reply
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 6966 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unacceptable Latency on IPSec Site to Site

RupeshBasnet

Hi,

I have replaced 5-6 boxes from SG to XG this week for few of my customers. But immediately after the change, I have been noticing high latency on the traffic passing via IPSec and sluggishness on application's traffic. I am using XG85 on the branches and XG125 on HO and concurrent user per branch is less than 5. I can ping WAN IP with latency of less than 5ms but branches LAN latency is sometime 3 digits and 2 digits usually. 

Both the boxes are with only base licenses on it. Looking for some quick solutions. 

Regards,

Rupesh



This thread was automatically locked due to age.
  • 0

    Hi Rupesh,

    Greetings,

    There are many dependencies over the VPN communication. If you have enough bandwidth, though you are facing an issue with the speed/data transfer rate. I would suggest to lower down the MTU/MSS of the LAN interfaces. You can try lowering down MTU to 1492 and MSS to 1412,1380 or 1260. Please make sure you can try lowering more MSS. However we do not suggest to lower it more.

    We shall wait for your update.

    -Mayur Makvana