Https WebUI from ssh tunneling is very slow
Hello, i've a problem with my gs1900-8hp and gs1900-8, i use ssh tunneling to access on the webui.
On the ssh tunneling it's ok with HTTP but with HTTPs it's very slow…
Equipment informations:
Model Name: | GS1900-8HP |
---|---|
Revision: | A1 |
Firmware Version: | V2.70(AAHI.5) | 02/08/2023 |
It's OK in HTTPs with others devices (Not Zyxel product).
Same problem :
Network Analyse:
* Https → 26,39 sec
* HTTP → 814 ms
Best regards,
Kris
All Replies
-
Hi @Cristol,
This might not be due to the GS1900 since I did a local test in which I connected my laptop directly to the switch and accessed its web GUI with HTTPS, there's no slow (less than 1s).
Have you tried connecting your PC directly to the switch and accessing web GUI with HTTPS? If not, please take it a try and help to check if the connection is still slow.
Zyxel Melen0 -
hello, I forgot to specify it but, it works well directly in https on the same network.
0 -
Hi @Cristol,
Since HTTPS works well when directly connecting the PC/laptop to the switch, the problem might not be due to the switch but between the SSH device and GS1900. From the command you used in the screenshot, it looks like you are using the Opensense firewall. You might need to check if there is any security service or rate limit that could cause this problem.
Zyxel Melen0 -
Hi @Cristol,
We did a local test that used different browsers (Firefox, Chrome, Edge) to test the SSH tunneling and got the below results (use F5 to refresh the web page):
Firefox:
15.07s/9.26s/10.05s
Chrome:
3.21s/3.28s/3.39s
Edge:
6.45s/3.54s/3.33s
From the results, we can find that the slow response might be due to the browser. Please change the browser and try again.
Zyxel Melen0 -
Hello @Zyxel_Melen , thanks for testing on your side, are you on the same network ?
I've problem when i'm not on the same network with :
- differents browsers (Firefox, Chrome, Opera)
- other gs1900 (I've 4 GS1900-8)
- other network (without OPNsense).
I have the impression that the switch takes time to respond when it is not on the same network (NAT).
In the same network configuration, if I try to connect to an other https server (Not on a GS1900), I have no problem with response time.
I've join a zip file with tcpdump et HAR capture
I remain available for additional tests
Best regards,
Kris
0 -
Hi @Cristol,
Apologize for the delayed reply.
The result of my previous test was on the same subnet but is similar if I test across the Internet. However, an increase in loading time on Chrome/Edge has been observed when GS1900 is accessed initially with Firefox. Once Firefox is closed and Chrome/Edge is reopened, the loading times return to normal.
This phenomenon can be attributed to Firefox's tendency to request HTTPS key exchanges repeatedly, letting GS1900 takes longer time for it to complete this task.
Based on the result, I recommend using Chrome/Edge for a shorter connection time.Zyxel Melen0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight