Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Excessive traffic over VPN

Posted on 2014-07-23
6
Medium Priority
?
309 Views
Last Modified: 2014-08-11
Hey VPN experts

We have three offices which are connected via VPN.

Headoffice - Netgear SRX 5308 firewall
Branch Office 1 - Netgear SRX 5308 firewall
Branch Office 2 - Netgear SRXN3205 firewall

The VPN between HO and BO1 is fine.

The VPN between HO and BO2 is not fine.

Just the VPN itself is generating excessive traffic.

Especially the upload from BO2 is showing very high amount in very small space of time.

I know its the VPN because I have disconnected any local devices from both firewall for good 10 minutes so both firewalls has only the Internet connection and the VPN between HO and BO2 (BO1 vpn was also disconnected).

The VPN configuration is just the standard configuration for most part when you create an IKE VPN policy on both ends. I have just added a PSK which is just a simple password for VPN connection.

This excessive traffic is taking up most of the bandwidth at BO2 and the users are struggling.

Any help would be really appreciated.

Alex
0
Comment
Question by:alex110109
  • 4
  • 2
6 Comments
 
LVL 20

Expert Comment

by:carlmd
ID: 40219505
Is there any overlap in the networks at both ends of the VPN?

Did this ever work without the problem? If so, do you know what may have changed?
0
 

Author Comment

by:alex110109
ID: 40219549
Hi Carl

Originally, the HO also had the same firewall as BO2 where the problem is.

That's the only change.

Before that it worked fine!
0
 
LVL 20

Expert Comment

by:carlmd
ID: 40223798
Did you physically move the firewall device from HO to B02? If so, it could be an issue with MAC addresses. If so, were the devices at both ends rebooted after the move?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 

Author Comment

by:alex110109
ID: 40223802
Hi Carl

The firewall at BO2 was never at HO.

However, running packet capture we have identified a device on the BO2 network that seems to be sending packets across to HO over the VPN so we might have found the root cause.

I will let you know once we conclude our findings.
0
 

Accepted Solution

by:
alex110109 earned 0 total points
ID: 40243923
Actually there were two things. There was a faulty NAS drive that was trying to do a backup over the VPN to a server across at the other site and there was also a PC with faulty network card.

We turned off both and the traffic came down drastically. We have decommissioned the PC and turned off the NAS drive  for now.

So issue is now resolved. My original suspicion was on the firewall itself but that doesn't work.
0
 

Author Closing Comment

by:alex110109
ID: 40252698
Solved it myself for once !!
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Secure VPN Connection terminated locally by the Client.  Reason 442: Failed to enable Virtual Adapter. If you receive this error on Windows 8 or Windows 8.1 while trying to connect with the Cisco VPN Client then the solution is a simple registry f…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question