Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 5 subscribers
  • Views 16255 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site-to-site VPN upload issue

LeeHwa

Hi,

Currently I'm facing issue on the VPN upload speed.

- FTP upload to Web hosting, the upload bandwidth is 500kb/s-700kb/s.

- VPN upload to other branch Sophos XG, the upload bandwidth is 100kb/s-200kb/s only.

 

My side Sophos model is SG135/UTM9. The IPsec policy attached as below.

 

Any idea or advise on this?

 



This thread was automatically locked due to age.
Parents
  • 0

    Hi, Lee, and a belated welcome to the UTM Community!  I see you've been here for over a year, but it's the first time I've been in a thread with you.

    I don't remember the details, but there's a vulnerability in AES 256, so I recommend the "AES-128 PFS" Policy.  That also should be much faster than your current IPsec encryption algorithm.  Depending on your hardware, compression can slow down throughput, so I agree that you should try with that off.

    Also as suggested above, you should try testing apples to apples.  FTP direct and then FTP through the tunnel to the same server.

    Cheers - Bob

Reply
  • 0

    Hi, Lee, and a belated welcome to the UTM Community!  I see you've been here for over a year, but it's the first time I've been in a thread with you.

    I don't remember the details, but there's a vulnerability in AES 256, so I recommend the "AES-128 PFS" Policy.  That also should be much faster than your current IPsec encryption algorithm.  Depending on your hardware, compression can slow down throughput, so I agree that you should try with that off.

    Also as suggested above, you should try testing apples to apples.  FTP direct and then FTP through the tunnel to the same server.

    Cheers - Bob

Children