If such contracts are no longer available from the regular price list you could ask FTNT for a 'coterm quote'.It’s not that your ISP is lying to you, but using an ISP-made speed test app gives the company an advantage. FortiCare will do (firmware updates, warranty extension) but of course FortiGuard would be more beneficial for you (AV, IPS, botnet IP blacklist, webfilter.). For a used unit without contract this will be, hm, difficult but you may well ask FTNT for a contract. Internet connection speed test Patch#Each patch version will fix some bugs and possibly improve throughput (while adding features which introduce more bugs.). Internet connection speed test update#Lastly, if you're running FOS v5.4 do update to the latest build (v5.4.6). IMHO the specs on the datasheet come quite close to realworld figures. That's why you would expect wirespeed performance on GbE ports. Internet connection speed test plus#Plus some more but will usually stay out of the way of running session traffic. CPU will mostly handle session setup, negotiations (IPsec, SSLVPN, PPPoE, DHCP), logging and GUI. The 600C itself is very capable, with decent memory size, content ASIC (CP) and network ASIC (NP) for offloading chores off the CPU. It might well suck up the CPU performance if the WAN line speed is in excess of 100 Mbps for desktop models, higher speeds for multi-core FGTs like yours. Cheap but dedicated WAN routers use a special chip to handle the protocol, FortiOS doesn't. How do you connect to your IPS(s)? DHCP, PPPoE, static IP? There is a known gotcha with PPPoE processing in FortiOS. If you do see wirespeed between LAN ports I would investigate the WAN protocol used. Have you reset the unit after purchase to factory defaults ("exec factoryreset") before configuring it? Beware that this command will delete all of the config. If you don't there is a problem within FortiOS such as the traffic offloading to the network ASIC (NP) being disabled. I usually use iperf for this as the same exe-file contains the server and the client. Please run a performance test between 2 hosts on your LAN, both with GbE ports, AV disabled. I would have checked first if this phenomenon is connected to the WAN port and/or protocols. * Traffic routed through specific ISP for specific tasks (Mail through one, other traffic through another) * Seperate Network for myself and my flatmates (I can't have them accessing the VPN to work) Other than this the Fortigate is functioning as I require I'm running FortiOS 5.4, not using WAN LLB (as I require VPN). Is there any way I can tweak the fortigate to get better performance, or does anyone have any ideas as to why I am not getting the speeds as advertised? Checking the specs on the 600c and seeing that it has 2.5 Gbps IPS I thought this would be powerful enough to give me closer to the 1 Gbps speeds. I thought okay, the CPU isn't powerful enough to handle what I wanted, so I kept an eye out for a second hand later model when I found the 600c being sold locally. Actually, initially I was getting slower speeds but after turning off logging it increased to around the 500 mark. I previously had a Fortigate 200b, which gave me the same speeds, and while investigating I noted that the CPU of the fortigate was maxing out. However, when I run my connections through the Fortigate, I am only getting circa 500 Mb. When I connect the basic routers that were provided from each ISP I get close to what is promised 900 Mb+. I have two ISPs and am on a 1Gb plan with both of them. I have just purchased a Fortigate 600c firewall to route my home office network to the internet. First time poster here, so hopefully I got the most appropriate thread.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |