Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 14 replies
  • Answers 2 answers
  • Subscribers 28 subscribers
  • Views 15055 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High bandwith consumption in bridge mode and high latency

JoseCasanova

Greetings,

I’ve installed a Sophos XG210 in bridge mode, with a cisco ASA in the perimeter connected to WAN link, and a cisco core switch in the LAN link.

When the Sophos XG is connected, every time a High consumption of bandwidth (due to updates or something else), the internet connection goes south, with high latency and intermittence. The resources (CPU - RAM) in Sophos XG stays normal. This problem isn’t happening if the Sophos XG is disconnected from the network.

In other implementations, when Fortigate is above (instead of Cisco ASA), it doesn't happens.

Have anyone experience this issue?

Regards,

Jose

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi Jose,

    That is strange, do you see any dropped or error packets on the interface?

    Take SSH to XG and go to option 4. Device console.

    Execute, show network interfaces. Post the output.

    Thanks

  • 0 in reply to sachingurung

    Thanks Aditya and Sachin for your answers.

    The updates I was referring are windows updates and other high consumption bandwidth apps (in the LAN side).

    Sachin, the output of the command shows:

    As you can see, there is dropped packages on the Bridge interface. Today we are going to configure the physical interfaces from autonegotiation to 1000 Mbps Full Duplex, in the Sophos XG and in the Cisco ASA, and Switch Core.

    Do you have any other recomendation that I could applied?

    Thanks again for all your help.

    Regards,

    Jose

  • 0 in reply to JoseCasanova

    Hi Jose,

    When you capture dropped packets on a physical interface, you must check the physical connectivity between the two ends; here, physical cables. Replace the cables with a fresh one and verify if the drops increase.

    Thanks

  • 0 in reply to sachingurung

    Hi Sachin,

    thanks again for your answer. However, I checked the patch cords, which were freshly opened for the deployment. Besides, this client has two branches with same configuration, and in both locations are experience the same issue.

    let me know if there is another workaround.

    Regards,

    Jose

  • 0 in reply to JoseCasanova

    Hi Jose, 

    If the Bandwidth utilization is high due to Windows Update , I would recommend you to apply QOS on application "BITS" under application filter and Enable QOS for Application filtering on the Firewall rules. Also the value you insert is in KB so 128KBPS=1mbps bandwidth.

    This would enable te updates to pass through  XG appliance with Specified Bandwidth so it would not hamper your network when all systems updates simultaneously.

    Thanks and Regards

    Aditya Patel 

Reply
  • 0 in reply to JoseCasanova

    Hi Jose, 

    If the Bandwidth utilization is high due to Windows Update , I would recommend you to apply QOS on application "BITS" under application filter and Enable QOS for Application filtering on the Firewall rules. Also the value you insert is in KB so 128KBPS=1mbps bandwidth.

    This would enable te updates to pass through  XG appliance with Specified Bandwidth so it would not hamper your network when all systems updates simultaneously.

    Thanks and Regards

    Aditya Patel 

Children
No Data