Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 3 subscribers
  • Views 1720 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

2 sites 2 utm's

SnurrDass
hi
i presided my brother to build a UTM and now its ready.

then we like to connect the the UTM's and create a network.
Should we use RED or just site-to-site vpn?

what is the best solution?
we like the UTM's to do it own Internet traffic course the lack of bandwidth.
we run 25/25 fiber at both sites. 

some opinion on whats the best solution?

Dan


This thread was automatically locked due to age.
  • 0
    Hi Dan,

    A RED tunnel is faster than an SSL VPN, but both the SSL VPN and the RED use more CPU cycles and are slower than an IPsec VPN.

    In your situation, here's my suggestion for the right mixture of speed and security:  Choose the AES 128 PFS policy on both sides.  Rather than go through the complexity of X509, send each other your public RSA keys and configure with them.  I don't like the security of Preshared Keys unless you change the PSK every few months using long, randomly-generated keys.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    tnx bob
    we try it out. 
    we have running a fortigateUTM setup for some time and the SMB shares does have high pingtime.
    hope this can sort the problem.


    tnx 
    Dan
  • 0
    If you have any problems, Dan, remember to check #1 in Rulz.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    If you have any problems, Dan, remember to check #1 in Rulz.

    Cheers - Bob


    when running FrotigateUTM the speed was about 2mb/sec
    now whit 2 UTM's the speed do not exeed 350k/sec
  • 0 in reply to SnurrDass
    Hi,

    1. 2GB is very low if you have A/V and IPS both on.

    2. The Atom CPUs are slow, but mine gets 15mbps through the IPS and VPNs.
    You may have a configuration problem.
    What did you put in "Local Networks" in the IPS settings?

    Barry
  • 0 in reply to BarryG

    What did you put in "Local Networks" in the IPS settings?


    just Internal (Network)
  • 0
    OK, good.

    1. how's the RAM utilization?

    2. Start disabling features and see if the speeds go up.

    Barry
  • 0 in reply to BarryG
    OK, good.

    1. how's the RAM utilization?

    2. Start disabling features and see if the speeds go up.

    Barry


    Ram is about 45-50% and cpu is 5% at idle, at full load.
Cookie Information Banner