Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 1 subscriber
  • Views 801 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Packets journey takes longer on Site-2-Site with SSL-VPN?

tekuton
We are looking on a time-consuming behaviour between two locations when using SSL-VPN for a S2S between a Astaro v8 and v9.
Calling a webpage off a server which is behind the v8/SSL-VPN S2S takes more or less 400ms. When calling a webpage from a server which is behind a third Astaro on v9 and S2S is via IPSEC,
we get 200ms. When tracing to the webserver on the SSL-VPN S2S we see a IP from the SSL-User pool as the second hop. When tracing over the IPSEC tunnel we find the IP of one of the endpoints and the webserver as one would have expected it.
So, is it normal when using S2S with SSL-VPN that it takes that long?

thanks and regards
teku


This thread was automatically locked due to age.
Parents
  • 0
    To speed up an SSL VPN, change the protocol to UDP on the 'Settings' tab and then re-download the client and install it on the other UTM.  It still won't be as fast as IPsec, but it should be much faster. 

    Cheers - Bob

    Sorry for any short responses.  Posted from my iPhone.
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    thanks Bob, I switched it to UDP and at first glance it looks way better. Lets see how this will develop - and yes I would have preferred IPSEC.
    thank you
    Sven
Reply Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML