Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 8795 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Slow Upload Speed and Cloud Based Camera Issues

Murphdog

I have a Sophos XG (home) installation installed at home. I have experience with a variety of firewalls in enterprise settings, but this issue has me stumped.  I will create a new build on a test PC when I have time but maybe someone can spare me the extra work.

I'm seeing upload issues. I have 50/50 FIOS  and on non-Verizon speed tests I see approx 60 Mbps down and 6-20 Mbps up. I have tried Ookla, Bandwidth Place, etc. tests. The Verizon speed test is great every time almost 60/60. The multiple computers and iOS devices were configured with any firewall rules and no IPS, web policy, traffic shaping, or application control. 

I'm also seeing issue with cloud based cameras that I have been trying at home. I tried the Ring Pro DoorBell and the video stuttered. Kuna camera gets droped frames. The Arlo Q video has been good, but it drops audio sometimes and the cameras intermittently go offline. They all use AWS. I have seen these devices work fine on Comcast cable at other locations.  All the devices are on their own VLAN with no filtering like above. 

The XG firmware is SFOS 16.01.2, but the issue existed with 15.x version. Its installed on a Qotom fanless PC https://www.amazon.com/QOTOM-Q190G4-S02-products-Barebone-J1900-Industrial/dp/B01KX9OU58/ref=pd_sbs_147_img_1?_encoding=UTF8&psc=1&refRID=70FCV7F6V5FTA8HG9KJ4.

I did a test without the firewall and I get close to 60 Mbps up on the Ookla test. The firewall is showing low CPU and RAM(has 8GB) during the tests. When I had a UTM 9.x the speed tests were fine. I did not not have the camera devices so I can't compare that.

 

Logs do not show any blocking. Any ideas would be greatly appreciated.

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    This is an odd one,

    But what DNS servers are you using? I have issues with mine when set to googles DNS (8.8.8.8).

    I get full speeds from my ISP speedtest, but poor elsewhere, and my cable modem without the firewall is full speed.

    The cable modem is hard coded to ISP DNS, and when I copied those DNS entries into my firewall I saw good speeds again.

    My guess was ISP was doing some route optimisations which relied on DNS.

  • 0 in reply to Bohdan.S

    Gave that a shot....no success. Still slow. Appreciate the help.

  • 0 in reply to Murphdog

    If your getting full speed to your ISP speed test, but slower elsewhere it still makes me think its an issue outside the Firewall.

    I would still say DNS, maybe devices didn't clear the cache? or have staic DNS set on the client side?

    Sorry, I only keep mentioning it, as your ISP might return AWS-East DC, and google DNS might return AWS-West because its not as geographic, and hence the issues.

    Have you tried access via the RED zone? same speeds?

  • 0 in reply to Bohdan.S

    As far as the speed I did try manual DNS on a few PC's. Also when I went on the Ethernet cable that goes into the FIOS ONT  I got close to 60/60 Mbps. I have 300/300 at one site (Watchguard box) and I see the full bandwidth. Same DNS as home. 

  • 0 in reply to Murphdog

    It's just interesting that the ISP Speedtest gives you full speed.

    I did a quick Google and can't see anyone with issues in regards to speed on the hardware you are using.

    Could you tag a physical port as RED or DMZ and see if you get full speed that way?

  • 0 in reply to Bohdan.S

    I tried the DMZ and had the same slow upstream. I had another idea. I set up a VPN full encapsulation with no compression from a site that has 300/300 Mbps connection. I got 58/55 Mbps which is roughly what I get when I hook a laptop to the FIOS ONT (I have 50/50). Sophos XG is messing with the traffic but I cant see how. I'm not sure how it's doing it with IPS, etc. off. I'm setting up a pfsense box to see If Sophos is why I have the cloud based camera  issues.

    I would spend the $$$ on a Sophos enterprise box for home if I knew I would not have issues.  I like the Sophos interface but at this point I can't see changing out any of my Watchguard or Fortinet customers to Sophos with these issues. I was a UTM 9 user and had weird issue with it messing with my VOIP ATA's and PBX despite having exceptions for them. No sure if this is a pattern or just my bad luck.

  • 0 in reply to Murphdog

    I just noticed that I started this in authentication forum. Is there a way to move the thread to the appropriate category? 

  • 0 in reply to Murphdog
    How did you go with your pfsense testing?
  • +1 in reply to Bohdan.S

    Hi,

     

    Sorry I got side tracked. I had the same results with the pfsense box, so the Sophos box is in the clear. It's on the FIOS side.  I haven't solved that part yet. Thanks for the help. 

Reply Children
No Data