01-11-2024 12:34 PM
hello
we have deployed a HA 850 series cluster
we have users complaining about problems with:
voice quality on MS Teams
screen freezes
video & audio out of sync
Q is there a configuration I should use to optimise the MS Teams network performance ?
Q are there any logs /packet captures I should run to try and identify the issue ?
thanks
01-12-2024 09:40 AM
Hello,
I would recommend disabling URL filtering on the security policy that is inspecting the traffic. Other than that, its a matter of looking at the traffic packets and interface and bandwidth utilization. Another thing to possible try is checking the box for
in the security policy. Perhaps also looking into QoS, but if its cloud based, that might not make a difference since the internet doesnt respect or adhere to QoS in packets.
Regards,
01-14-2024 11:06 AM - edited 01-14-2024 11:08 AM
"Disable Server Response Inspection" eliminates threat prevention against traffic sent from server to client.
Quite a risky option to set in general but specially if clients are inside and servers in internet.
Are you monitoring bandwidth utilization to be sure you are not hitting limit set by ISP?
Use QoS to prioritize MS Teams traffic.
01-16-2024 03:55 AM
Just going to echo what @Raido_Rattameister stated about the "Disable Server Response Inspection" risks. This isn't a feature to be utilized lightly and I won't want to enable it on something as broad as Teams traffic. It's something that I'll utilize in some scenarios internal to the network where you absolutely need it, but you'd really want to understand the risks associated with it before doing so.
There's some examples where disabling it can be an acceptable solution where speed is prioritized over the inspection of the server to client flow. One that you'll see utilized often is in instances of file servers and SMB traffic, as you'll still be inspecting the client to server flow for someone uploading a new file, but you wouldn't be inspecting a client downloading a file from the server. In some situations that's preferred from a performance standpoint if you have mitigating factors on the file servers to ensure that they aren't feeding anything malicious to your clients.
When you have a large enough ISP connection and a big enough box you shouldn't need to do anything for Teams to work properly. The biggest thing Microsoft will tell you before you implement Teams for telephony is to ensure that you have a large enough connection to support the traffic and to implement QoS, with QoS and properly prioritized voice traffic being one of the biggest things that will cause connection issues.
One thing that you don't mention in your post @paloaltousername is where you're running into this issue. If it's on-prem traffic I'd absolutely be looking at QoS and insuring you have a large enough ISP connection to actually support the transition. However if it's people operating across GlobalProtect then you need to think about the possibility of splitting that traffic and allowing the Microsoft "Optimize Required" entries to exit locally instead of tunneling back to your firewall.
01-17-2024 02:28 AM
thank you for all your help
I have asked the ISP to report back on any QoS or shaping on their on-prem WAN router
the users reporting the issue are located on the LAN with no reported VPN users
the WAN router is local to these users
I am not sure if this service ever worked to an acceptable standard
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
