SFTP slow transfer showing incomplete data in logs.

cancel
Showing results for 
Search instead for 
Did you mean: 

SFTP slow transfer showing incomplete data in logs.

L0 Member

Hello everyone.

 

I am facing an issue when I transfer files via SFTP and SCP is slow when I introduce Palo alto in the path.

 

Data path: 

Server > Core switch > Palo alto > Fortinet > Internet ( AWS )

Server > Core switch  > Fortinet > Internet ( AWS )

Speed with Palo Alto : 70-150KB/s

Speed without Palo Alto : 600 - 700KB/s

I have created a plain firewall rule on top and also disabled server inspection response. but no luck.

I tried to create an app override policy but that is not getting hit.

Asmita_2-1653547770785.png

 

All I can see in logs is insufficient data with multiple random ports ( ranging from 33500 to 33550 getting allowed  and when checking the same using session id , i see very less count of L7 application data received.

 

Asmita_1-1653547712213.png

 

Asmita_0-1653547559504.png

 

 

 

 

1 REPLY 1

Cyber Elite
Cyber Elite

@Asmita,

Have you checked speed/duplex settings on the interfaces to ensure you don't have a mismatch here? Also what does your application-override entry actually look like? 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!