Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Local Traffic limitation
  •  
idlewild

Messages: 2
Karma: 0
Send a private message to this user
Hi,

I´m evaluating Kerio Firewall for a couple of weeks now. I´ve liked the software and planning to buy it but I have three problems.

1 - I have two adapters:

WAN - Connected to a frame relay (512kbps/512kbps)
LAN - Connected to my local network (100mbit)

The problem is that Kerio is limiting traffic on the LAN interface

The current bandwidth I can get from LAN when firewall is on is about 512kbps!! If I try to transfer a file to my firewall Host the transfer is limited to this speed. Also this file transfer will fight for this limited bandwidth with the traffic being routed to the WAN interface.

So basically, if I try to transfer a file from any host to the firewall it´ll lag all my WAN traffic as well.

I´m not using any CPU consuming services like:
Anti-virus (disabled)
Protocol Inspector (changed from default to disabled on all rules)
Orange filter is also disabled

I have a traffic rule that grant unrestricted access from LAN->FIREWALL and FIREWALL->LAN

2 - User statistcs doesn´t display correctly. I´ve created 12 users for proxy authentication (local user database, not domain)
All users authenticate correctly but only a few users actually show some statistics (traffic).
It´s strange because looking into the HTTP LOG shows that URL requests are being made by all the users correctly (even users that show no user statistics)

3 - I´ve submitted a ticket a few weeks ago and had no reply from it. This is VERY CONCERNING because I´ll not pay for this software with this kind of support. This is a critical software and support must be VERY FAST.


I know that this is a USER forum and Kerio staff orient us to submit a ticket (that won´t be answered) but maybe someone has experienced those issues and can give me a light.

Can I solve those issues or it´s kind of a bug?

Thanks in advance,
  •  
Budje

Messages: 1
Karma: 0
Send a private message to this user
I think the only way to get around this problem is to install Kerio on a dedicated pc.
  •  
idlewild

Messages: 2
Karma: 0
Send a private message to this user
Budje wrote on Mon, 20 August 2007 19:40

I think the only way to get around this problem is to install Kerio on a dedicated pc.


Thanks for your reply Budje but my firewall already is on a Dedicated Host. I'm not trying to use the firewall as a file server or something. But from time to time I have to transfer a file or two from a local computer to the Host... and I can't do that without lagging our Internet Connection!

Another example:
If I'm connected remotely to my firewall host through VNC or RDP it will consume 3 to 5 kb/s (24 to 48 kbps) of the LAN traffic.

If my entire local bandwidth is restricted to 512kbps then users will not be able to fully use our dedicated 512kbps internet link because LOCAL traffic is using it. There's a bottleneck there and this is very serious.


But that doesn't matter now because my trial period is over and I'm already looking into other solution. Even if those issues CAN be solved I'm already very disappointed with Kerio technical support. I'll not relay a such important service on that kind of support.

[]s

[Updated on: Wed, 22 August 2007 17:48]

  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Sometimes NIC drivers cause issues, mostly Realtek NIC's.

My companies connection is 50Mbit (both ways) and I can fully use that bandwidth without KWF breaking a sweat (CPU load <10%). And I do use extensive filtering and AV scanning.

So it's not that this is a inherent problem in KWF...
Previous Topic: Winroute with Windows 2000
Next Topic: FTP traffic: 421 Service not available (The FTP server is not responding.)
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 07:07:26 CET 2017

Total time taken to generate the page: 0.00422 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.