Author Topic: HTTP and FTP Traffic not Optimized !  (Read 5945 times)

Sazgar

  • Member
  • ***
  • Posts: 10
    • View Profile
HTTP and FTP Traffic not Optimized !
« on: January 23, 2018, 11:13:46 AM »
Hi

I am testing wanos  4.2.1 64bit plus 20/200.

In my lab environment, file transfer with the SMB protocol is well optimized

But when I use protocols HTTP (and FTP) to transfer the same files, all traffic will be bypassed (Pass-through)
while the "Peer status" is "Active".

How can I solve this problem?

Thanks
MCSA Security 2003
MCSA 2008

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #1 on: January 23, 2018, 01:05:28 PM »
Please post your traffic policies. This would be expected with bypass rules targeting specific apps or IP addresses.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

Sazgar

  • Member
  • ***
  • Posts: 10
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #2 on: January 23, 2018, 06:58:29 PM »
Please post your traffic policies. This would be expected with bypass rules targeting specific apps or IP addresses.

I did not make any changes to default traffic policies (On both sides are the same )

I created a simple web page with download links and I downloaded the file.

I attached the related pictures

Thanks ahenning

MCSA Security 2003
MCSA 2008

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #3 on: January 25, 2018, 08:18:56 AM »
Hi Ali,

The one image has a PLR state of stateless, combined with the issues you are having, I am wondering if there is not maybe something else not 100% with your lab setup.

Are you still having the same conditions after setting the peer timeout higher?
Is it possible that there might be some asymmetrical routing in the setup?
Are you using bridge mode or tunnel mode?
How/What tool are you using to simulate the WAN conditions?

Note on the delay in reply, but considering that this is for educational research, support for this project gets appropriate priority
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

Sazgar

  • Member
  • ***
  • Posts: 10
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #4 on: January 28, 2018, 02:31:02 PM »
Hi Ali,

The one image has a PLR state of stateless, combined with the issues you are having, I am wondering if there is not maybe something else not 100% with your lab setup.

Are you still having the same conditions after setting the peer timeout higher?
Is it possible that there might be some asymmetrical routing in the setup?
Are you using bridge mode or tunnel mode?
How/What tool are you using to simulate the WAN conditions?

Note on the delay in reply, but considering that this is for educational research, support for this project gets appropriate priority

Hi Antonie,
Thank you so much for your support

- Yes, after setting the peer timeout to a higher value (900) , the problem was solved, the SMB  traffic is well optimized. but FTP and HTTP are not optimized and bypass.
- No. i have no asymmetrical  routing
- I use bridge mode
and
- I use VMware For the three virtual machines on each side
Side A :
Windows7   >>Connect to>>    WANOS    >>Connect to>>   Kerio Control   >>Connect to>>   DSL modem

Side B :
Windows Server 2012   >>Connect to>>    WANOS   >>Connect to>>   Kerio Control   >>Connect to>>  DSL modem

Two  Kerio Control  are connected via Site-to-Site VPN

I set up file sharing services(SMB), web services(HTTP,HTTPS), and FTP on Windows server 2012
All communications are properly established

When I check out, in general and seemingly all of the items are correct,
SMB traffic is optimized by WANOS , but FTP and HTTP are not optimized and bypass.

MCSA Security 2003
MCSA 2008

ahenning

  • Team Wanos
  • Administrator
  • Full Member
  • *****
  • Posts: 629
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #5 on: January 28, 2018, 03:10:48 PM »
That's hard to believe considering SMB is optimized, but I guess there is a first time for everything.

Can you upload small wireshark trace of the ftp or http test. Just do a very small test file like a few KB, I just want to see the TCP establishment.
CCIE RS, CCIE SP, Mnet&sys

Note: Forum posts may be outdated. Please see the latest documentation at wanos.co/docs

Sazgar

  • Member
  • ***
  • Posts: 10
    • View Profile
Re: HTTP and FTP Traffic not Optimized !
« Reply #6 on: January 29, 2018, 10:14:34 PM »
That's hard to believe considering SMB is optimized, but I guess there is a first time for everything.

Can you upload small wireshark trace of the ftp or http test. Just do a very small test file like a few KB, I just want to see the TCP establishment.


I will send wireshark trace.
But
Given that traffic is bypassed in the trial version. Is it possible that this is related to license?
MCSA Security 2003
MCSA 2008