Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Mirza_Asad2723
New Contributor

IPsec VPN tunnel bandwidth consumption user wise when they are using specific application like SAP

Dear Concern,

 

In our organization, we are running SAP HANA on a cloud-based platform, with an IPsec VPN tunnel established from the cloud server for users to access the SAP application. I frequently receive complaints that SAP is running very slowly, even though the internet speed is fine at the same time. I want to diagnose whether the issue lies with the FortiGate firewall configuration or if there is a slow response from the SAP end. Specifically, I want to monitor the tunnel throughput and check if there are any bandwidth issues. The tunnel has been configured with a high bandwidth of approximately 70 Mbps using traffic shaping, but the traffic in the tunnel monitor widget shows in kbps.

Could you please guide me on how to enhance visibility in terms of user-wise, application-wise, and tunnel-wise monitoring? I also want to ensure that the tunnel's throughput or bandwidth is not being choked. Your assistance in this matter is highly appreciated.

 

 

01.JPG

4 REPLIES 4
AEK
Honored Contributor II

Hello

  • You can find all enhanced visibility (user/app/interface) from Dashboard > FortiView > Add view
  • Which FortiGate model and version are you using on both sides?
  • Which profile are you using for traffic shaping? Does the profile have a maximum limit?
  • Try iPerf test between the affected client & server to check the max possible bandwidth
AEK
AEK
Mirza_Asad2723

at my side, The FortiGate Model is 201F and the firmware version is 7.0.10 build0450  and the other side i don't know because they are third party who provide us cloud service. Only they share the parameters for IPsec VPN to establish tunnel. 

 

I had configured traffic shaping policy of per IP shaper based with maximum bandwidth

 

Please share the steps with commands for IPerf test so can test this as well.

 

AdrianaMadilyn
New Contributor

Enable User-based Traffic Monitoring: In FortiGate, go to Monitor > Traffic > Traffic Log. Enable "Enable User-based Traffic Monitoring" under the "Display Options" section. This will allow you to track traffic usage for each user.

Analyze User Traffic Logs: Once user-based traffic monitoring is enabled, analyze the traffic logs to identify any specific users who might be consuming excessive bandwidth or experiencing slow response times. This can help pinpoint potential bottlenecks caused by individual users.

Mirza_Asad2723

Thanks @AdrianaMadilyn 

 

Let me try this and then will back.

Labels
Top Kudoed Authors