Database applications are very slow between tunnel

Forum|Forum|6 years ago
September 13, 2019
1 reply
5121 views

Hi ,

WE have two fortigate , ine is 201E datacenter and one is 80E . We have IPsec tunnel between these locations . Everything works fine except 2 application which are database application located in datacenter. File transfer is 20 times faster than these apps . I tested file transfer from same server in datacenter to same desktop from branch. There was no speed issue but when we try to use apps , it is so slow . Same apps are working fine in datacenter . We have 100 meg speed at branch .

There is no security profiles on both sides . Everything else are working fine , so any suggestion ?

Thanks

emnoc

New Member

I would look at tcp.mss value and adjust iaw with the path-mtu.

Ken Felix

safabAuthor

New Member

Hi ,

Thanks for suggestion , but we do not have any problem when we try to make file transfer like 500Gb , it takes only second . If it is tcp.mss issue , should it be problem for every transaction not only for specific two apps ?

Thanks

emnoc

New Member

No

Each session and maybe that client/server app uses or try to use a tcp mss value that's not supported over the ipsec tunnel

Doing a path or adjust the value to 1420 and retest.

i.e ( cli only per policyid )

set tcp-mss-sender 1420

set tcp-mss-receiver 1420

https://forum.fortinet.com/tm.aspx?m=161526

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded