Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 7 subscribers
  • Views 22799 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange behaviour when downloading files from the internet

Moose

Hi folks,

I installed a SG115w with Firmeware 9.352-6 at a website agency with about 20 users. It's connected to the internet by a 20 Mpbs SDSL line. The most inbound traffic is HTTP, HTTPS and SSH, in sum about 95 % of about 30 GB/day.

Well, all things I configured so far work fine. Several nets, interfaces, SSL and IPSec VPNs - all fine. Except one.

When one (in words one single) user starts a download over http or https, nearly the whole inbound bandwidth is used, i.e. 16...19 Mbps. But, as it seems, for his download only. Any other user(s) who'd like to surf the web or try to do other things in/over the internet get nearly no bandwith, which means they have to wait until the big download already running finished.

This behaviour is a little bit strange to may because I would expect the bandwith to be share equal between all user who send request over the firewall.

  1. So my first question is what's best practice to ensure that not only one user can take/steal the whole bandwith and the other ones have to wait until his download is completed/finished? For example a Xcode download has about 4.4 GB ...
  2. Second question: How can I identify quick and easy which user took the whole bandwidth for his download and how can i cut/reduce his bandwidth while his downloading is running?


Thanks in advance,

moose



This thread was automatically locked due to age.
Parents
  • 0
    Suggestion for your 1. question: Use QoS and Download Throttling.
    Activate QoS on the WAN interface. Then you must define a "Traffic Selector" (e.g. HTTP and HTTPS). After that, you can setup a "Download Throttling" rule for the WAN interface. Choose as limit "Each source address" and as speed limit of e.g. 5 Mpbs. The disadvantage of this solution is, that this is a hard setting. So each single user will get a maximum download speed of 5 Mbpbs, no matter if more bandwith is available.

    Suggestion for your 2. question: Open the dashboard, click onto the in or out graph of the WAN interface. A new window should open and you will see, which client/service uses the most bandwith of this interface.
  • 0 in reply to Moose
    FYI: I've noticed that my Flow Monitor isn't working anymore (Flow Monitor is the window which will show you the used bandwith of users and services).
    Not sure if this is a generally problem, or only a problem of my UTM (see also community.sophos.com/.../73995 if you have the same problem).
Reply Children