Hi Everyone,
We have a SSL VPN for our corporate users on a Fortigate 5001V (daily average users 10-15). Everyone internet speed slows down as soon as they connect to vpn. Below are some examples of speed test without and with vpn. Please let me know if this is normal expected behavior slow down or if there is something that we can do to improve the situation. I can also provide tracert if need be. We do have a manage network so I do not full cli access to the blade, but I can pass any recommendation to our manage provider company:
The issue is more significant and a pain point when users map a server shared folder and they try to save or dowload the file. The VPN blade is in the west coast and most share folders are also in the west coast. I do expect some slowness while updating huge excel files in the NY shares drive folders. Our typical time from vpn or from mpls is always consistent at 75ms from LA to NY (while on vpn or mpls is always at around 73ms), so I think the culprit could be the fortinet 5001v.
100/100 -> on vpn 20/10
300/20 -> on vpn 30/3
70/10 -> on vpn 15/2
175/5 -> on vpn 15/5
thank you
Manuel
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
By this hardware specification FG-5001E devices has 9Gbps throughput for SSL VPN.
https://www.fortinet.com/content/dam/fortinet/assets/data-sheets/Fortinet_Product_Matrix.pdf
You shouldn't have any problems with the platform. What is the software version?
hubertzw wrote:Hi!....Remember you can't offload proxy inspections to FortiASICs, all is done on CPU.
Are you sure about that? I think, Fortigate CP8/CP9 will offload in flow-mode AND proxy-mode...
hubertzw wrote:Wow... In that case, nobody should use proxy-mode on any model >FG100x - right?
https://help.fortinet.com...eleration-overview.htm
In that case, I did some stupid things...
KPS
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.