Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Di_Junior
Advisor
Advisor

Hide NAT impact on skype for business

Dear  Mates

We are currently experiencing poor call quality when using our on-premise sype for business. We are in the process of finding the possible reasons for that, and as always it comes to the firewalls guys. 

Most of our users are working remotely, so they tend to use skype when connected to to VPN, there are two things that I need help with:

1. Does remote access VPN creates a significant impact on voip services(in this case skype calls)?

2. Since we are doing Hide NAT on the office mode pool, does Hide-NAT have any impact on that too?

 

Any other recomendation is welcome.

 

We are using R80.20, we do not have https inspection enabled.

Thanks in advance.

0 Kudos
6 Replies
Timothy_Hall
Champion
Champion

VPN should not cause noticeable overhead for something like Skype unless your firewall is overloaded or needs some tuning.  Post the "Super Seven" (s7pac) command outputs for further analysis.

However are you seeing persistent high CPU utilization on only one of your SND cores?  There was a thread awhile back about a bug that could cause all remote access VPN traffic to bottleneck in a single SND core. 

Hide NAT shouldn't directly degrade the performance of Skype either, typically protocols either work with Hide NAT or they don't.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
HristoGrigorov

Allow outbound STUN (UDP/3478-3481) and everything will be fine.

0 Kudos
Di_Junior
Advisor
Advisor

Hi Hristo

Can you elaborate more on that? My vpn access rule for corporate users is set to "Any".
Thanks
0 Kudos
HristoGrigorov

If it set to Any then it must be something else. 

0 Kudos
Di_Junior
Advisor
Advisor

Yes, I wanted to validate what else I could look for on the firewall side. I was thinking maybe the VPN and Hide NAT could have an influence on this behavior.
0 Kudos
Di_Junior
Advisor
Advisor

Hi Tim

Thanks for your feeback.

The firewall itself does not have any performance issue, and there is no single SND core with high CPU utilization. The traffic is being distributed accordingly among the cores


0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events