- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
IPsec VPN tunnel bandwidth consumption user wise when they are using specific application like SAP
Dear Concern,
In our organization, we are running SAP HANA on a cloud-based platform, with an IPsec VPN tunnel established from the cloud server for users to access the SAP application. I frequently receive complaints that SAP is running very slowly, even though the internet speed is fine at the same time. I want to diagnose whether the issue lies with the FortiGate firewall configuration or if there is a slow response from the SAP end. Specifically, I want to monitor the tunnel throughput and check if there are any bandwidth issues. The tunnel has been configured with a high bandwidth of approximately 70 Mbps using traffic shaping, but the traffic in the tunnel monitor widget shows in kbps.
Could you please guide me on how to enhance visibility in terms of user-wise, application-wise, and tunnel-wise monitoring? I also want to ensure that the tunnel's throughput or bandwidth is not being choked. Your assistance in this matter is highly appreciated.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
- You can find all enhanced visibility (user/app/interface) from Dashboard > FortiView > Add view
- Which FortiGate model and version are you using on both sides?
- Which profile are you using for traffic shaping? Does the profile have a maximum limit?
- Try iPerf test between the affected client & server to check the max possible bandwidth
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
at my side, The FortiGate Model is 201F and the firmware version is 7.0.10 build0450 and the other side i don't know because they are third party who provide us cloud service. Only they share the parameters for IPsec VPN to establish tunnel.
I had configured traffic shaping policy of per IP shaper based with maximum bandwidth
Please share the steps with commands for IPerf test so can test this as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Enable User-based Traffic Monitoring: In FortiGate, go to Monitor > Traffic > Traffic Log. Enable "Enable User-based Traffic Monitoring" under the "Display Options" section. This will allow you to track traffic usage for each user.
Analyze User Traffic Logs: Once user-based traffic monitoring is enabled, analyze the traffic logs to identify any specific users who might be consuming excessive bandwidth or experiencing slow response times. This can help pinpoint potential bottlenecks caused by individual users.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content