I'm working with a high availability setup using two Sonicwall NSA4650 firewalls, and I've got two ISPs. My goal is to allocate one ISP for general internet access and the other specifically for my Azure Tunnel. Right now, my tunnel is configured with BGP and routes, but I'm suspecting there's an MTU issue that's leading to slow performance. I'd like to switch out my firewalls as well and am seeking suggestions on the best setup for this situation.
2 Answers
I totally get the frustration with tunnel speeds. Besides checking MTU, you might want to look into your routing policies on the firewalls to ensure traffic is flowing optimally. Sonicwall devices generally have good support for Azure, but if you’re facing persistent issues, it could be worth checking out alternatives like Fortinet or Palo Alto Networks. They have a reputation for better performance with cloud integrations.
First off, make sure you have a solid way to measure your tunnel's performance. You've mentioned using Iperf, which is great! If you're noticing a significant drop in speeds while using the tunnel compared to a direct connection, it really could be an MTU issue. Double-check your MTU settings on both the Sonicwalls and Azure to ensure they match up properly to avoid fragmentation problems. Also, if you plan to replace your firewalls, consider options that provide better handling of VPN traffic and performance features tailored for cloud connections.
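
One way to check the MTU across the tunnel before changing any settings, as an added example that is not part of either answer: a binary search with don't-fragment pings from a Linux host on one side of the tunnel to a host on the other. Assumptions: Linux iputils `ping` (`-M do` sets DF), ICMP echo is allowed through the tunnel, and the function names and the target address are hypothetical.

```shell
#!/bin/sh
# Added example: find the largest packet that crosses the tunnel unfragmented.

# probe SIZE HOST: succeeds if one ICMP echo with SIZE payload bytes and the
# DF bit set gets a reply. Assumes Linux iputils ping (-M do = prohibit frag).
probe() {
    ping -M do -c 1 -W 2 -s "$1" "$2" >/dev/null 2>&1
}

# find_path_mtu HOST [LOW] [HIGH]
# Binary search over ICMP payload sizes between LOW and HIGH (defaults
# 1200..1472). Prints the path MTU, i.e. the largest working payload plus
# 20 bytes of IPv4 header and 8 bytes of ICMP header. Returns 1 if even the
# smallest probe gets no reply (host down or ICMP filtered).
find_path_mtu() {
    host=$1
    lo=${2:-1200}
    hi=${3:-1472}
    probe "$lo" "$host" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if probe "$mid" "$host"; then
            lo=$mid            # mid fits, search higher
        else
            hi=$(( mid - 1 ))  # mid was dropped, search lower
        fi
    done
    echo $(( lo + 28 ))
}

# tcp_mss MTU: largest TCP payload that fits in MTU with a 20-byte IPv4
# header and a 20-byte TCP header (no options).
tcp_mss() {
    echo $(( $1 - 40 ))
}

# Usage: sh pmtu.sh <address of a host on the far side of the tunnel>
if [ "$#" -ge 1 ]; then
    mtu=$(find_path_mtu "$1") || { echo "no reply at smallest probe size" >&2; exit 1; }
    echo "path MTU: $mtu bytes, matching TCP MSS: $(tcp_mss "$mtu")"
fi
```

If the result is well below 1500, compare it with the MTU and MSS settings on the firewalls' tunnel interface and rerun the throughput test after adjusting them.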
