Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 4 subscribers
  • Views 1618 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WLAN hinter RED Performance

Andre Musso

Hallo Community,

 

ein Kunde hat in einem Branch Office, welches über eine RED50 (Standard/Split) an die Zentrale angebunden ist, einige Sophos WLAN-AP´s laufen. Im Normalfall funktionieren die auch einwandfrei. Jetzt gab es aber mehrfach den Fall dass in der Zentrale eine relativ hohe SSL-VPN-Last am Hauptgateway anlag, und in dieser Zeit funktioniert der WLAN-Internetzugang im genannten Branch-Office nicht mehr. Sobald die hohe SSL-VPN-Last in der Zentrale endet funktionieren die WLAN-Access-Points wieder.

Ich dachte da die Red50 im Branch Office auf Standard-Split konfiguriert ist wird auch der Internet-Traffic der WLAN-Accesspoints lokal rausgeführt und nicht über das Red-VPN zur Zentrale, was den "Performance-Hänger" erklären könnte...

Das WLAN-Netz ist gebridged ins AP-LAN, also in das LAN des Branch Offices.

 

Irgendwelche Ideen wie das WLAN auch bei hoher SSL-VPN-Last in der Zentrale noch funktioniert?

Andre



This thread was automatically locked due to age.
Parents
  • 0

    Hello Andre,

    Thank you for contacting the Sophos Community! 

    In standard/split, regular internet traffic shouldn't cross the RED and send out the regular internet gateway. 

    How do you configure the standard/split networks? And the Wireless network is a Separate Zone?

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Hello Emmanuel,

    the Red50 in  the Branch Office connects through standard/split mode to the the central gateway, the central gateway offers the dhcp-service for the red-net. The central gateway is a esxi-vm with 2 VCores (Xeon E5-2640) and 4GB Ram.

    The Wlan-AP´s sit behind the Red50 and are bridged into the local "Red-Net", no separate zone.

    Normally, the AP´s work correctly. Only in times when the central gateway has a high SSL-VPN throughput at about 100 MBit or higher the WLAN in the Branch Office times out. (This SSL-VPN-traffic has directly nothing to do with the connection to the Wlan-Branch-Office, it´s caused by other user/site2site-connections).

     

    Regards,

    Andre

     

     

     

Reply
  • 0 in reply to emmosophos

    Hello Emmanuel,

    the Red50 in  the Branch Office connects through standard/split mode to the the central gateway, the central gateway offers the dhcp-service for the red-net. The central gateway is a esxi-vm with 2 VCores (Xeon E5-2640) and 4GB Ram.

    The Wlan-AP´s sit behind the Red50 and are bridged into the local "Red-Net", no separate zone.

    Normally, the AP´s work correctly. Only in times when the central gateway has a high SSL-VPN throughput at about 100 MBit or higher the WLAN in the Branch Office times out. (This SSL-VPN-traffic has directly nothing to do with the connection to the Wlan-Branch-Office, it´s caused by other user/site2site-connections).

     

    Regards,

    Andre

     

     

     

Children
No Data
Unfiltered HTML