I have a situation at work that has me baffled.
I have a couple of SG330's running in Active/Passive HA mode. These units do everything--web filtering, spam filtering, multi-homed BGP, RED site-to-site VPNs, PPTP...you name it, they're probably doing it.
Within our organization there is a department in another building that thinks they have higher security requirements and wants tight control over their users, so they have their own UTM 220. Their 220 is connected to our SG330's through a fiber connection on a Cisco switch, then trunked back to a VLAN interface on our SG330's. They run their own L2TP VPN on their UTM 220.
I have recently moved our BGP sessions along with this department's connection from a pair of Ubiquiti ER8-Pros to our SG330's. (The ER8's kept crashing at random times for no apparent reason.) When their UTM was plugged directly in to one of the ER8's, the L2TP VPN on their 220 ran fine. Now that they're connected to our SG330's, their L2TP throughput has slowed to a crawl. I suspect there is an MTU issue causing this, but I can't figure out where. I really don't want to go back to using the EdgeRouters, so does anyone here have any ideas?
Thanks in advance...
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
