Guest User!

You are not Sophos Staff.

Thread Info
  • Locked Locked
  • Replies 3 replies
  • Subscribers 4 subscribers
  • Views 1206 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Slow VPN access

SophosUser456

Hi all!

We are using SSL VPN and facing severe performance issues all the time. When using RDP, the desktop sometimes freezes and copying files to and from the remote desktop takes very long (about 1MB/s, the connections are capable of 10MB/s (home office and office itself)). A few days ago, when many people were using the terminal server, it was not usable at all. It kept freezing all the time. However, when accessing the terminal server on-site it was not a problem.

The performance issues also occur when connecting to a server via SMB. We have disabled IPS, TCP/UDP/ICMP flooding protected, etc. but it is still slow. The IPS logs are empty. The connection is also slow when nobody else is using anything in our network, therefore the network itself cannot be the bottleneck.

Is there anything we can do to find out what the reason for our problems is?

Thank you very much!

Edit: when using SCP, I get much better performance results (download 10MB/s, what I was expecting).



This thread was automatically locked due to age.
Parents

  • Hallo and welcome to the UTM Community!

    The SSL VPN is very resource-intensive.  How many simultaneous remote users and what appliance or computer is UTM running on?  Also, insert pictures of the 'Server Settings' and 'Cryptographic Settings' in the SSL configuration.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply

  • Hallo and welcome to the UTM Community!

    The SSL VPN is very resource-intensive.  How many simultaneous remote users and what appliance or computer is UTM running on?  Also, insert pictures of the 'Server Settings' and 'Cryptographic Settings' in the SSL configuration.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • in reply to BAlfson

    Hi Bob, thank you very much!

    We have about 15-30 simultaneous users, but not all of them are using RDP at the same time (maybe 20 use RDP simultaneously). We have the Sophos SG210 applicance.

    These are the Cryptographic Settings:


    Which Server Settings do you mean? These ones?


    Thanks again!

  • in reply to SophosUser456

    Try changing the 'Encryption algorithm' to "AES-128-CBC" and the 'Authentication algorithm' to "SHA2 256" and the 'Key size' to 1024 (I think that's allowed in the EU).  I also recommend using 'Protocol: UDP' in the 'Server Settings'.

    These changes will require sending a new config file to everyone.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML