Excessive traffic over VPN

Hey VPN experts

We have three offices which are connected via VPN.

Headoffice - Netgear SRX 5308 firewall
Branch Office 1 - Netgear SRX 5308 firewall
Branch Office 2 - Netgear SRXN3205 firewall

The VPN between HO and BO1 is fine.

The VPN between HO and BO2 is not fine.

Just the VPN itself is generating excessive traffic.

Especially the upload from BO2 is showing very high amount in very small space of time.

I know its the VPN because I have disconnected any local devices from both firewall for good 10 minutes so both firewalls has only the Internet connection and the VPN between HO and BO2 (BO1 vpn was also disconnected).

The VPN configuration is just the standard configuration for most part when you create an IKE VPN policy on both ends. I have just added a PSK which is just a simple password for VPN connection.

This excessive traffic is taking up most of the bandwidth at BO2 and the users are struggling.

Any help would be really appreciated.

Alex
alex110109Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

carlmdCommented:
Is there any overlap in the networks at both ends of the VPN?

Did this ever work without the problem? If so, do you know what may have changed?
0
alex110109Author Commented:
Hi Carl

Originally, the HO also had the same firewall as BO2 where the problem is.

That's the only change.

Before that it worked fine!
0
carlmdCommented:
Did you physically move the firewall device from HO to B02? If so, it could be an issue with MAC addresses. If so, were the devices at both ends rebooted after the move?
0
Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

alex110109Author Commented:
Hi Carl

The firewall at BO2 was never at HO.

However, running packet capture we have identified a device on the BO2 network that seems to be sending packets across to HO over the VPN so we might have found the root cause.

I will let you know once we conclude our findings.
0
alex110109Author Commented:
Actually there were two things. There was a faulty NAS drive that was trying to do a backup over the VPN to a server across at the other site and there was also a PC with faulty network card.

We turned off both and the traffic came down drastically. We have decommissioned the PC and turned off the NAS drive  for now.

So issue is now resolved. My original suspicion was on the firewall itself but that doesn't work.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
alex110109Author Commented:
Solved it myself for once !!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.