Our help desk is swamped with calls from users reporting slow VPN connections. Applications affected include Outlook, Active Directory, Dameware (RDP tool), and shared network folders.
Our VPN and firewall service is managed by Company A and ISP is Company B. Company A confirmed no issues on their end - enough CPU and RAM on the appliance. We are well under our concurrent connection limit. Company B confirmed that we were well under our allocated bandwidth.
What to do next?
Actually check if both are true. Check bandwidth/latency outside the VPN, and that should point to either the ISP or the VPN
Try running “disable-netadapterrsc *” in powershell on a few machines and see if that helps. Also check that your VPN client and Windows are up to date.
There are known bugs with wifi cards (mainly Intel), Windows networking, and VPN clients that combine to cause terrible VPN performance. After reading many discussions I found those 3 steps fix it most reliably. We were using SonicWall global VPN client unofficial version 5.0 from support but found that its broken and the latest 4.10 version works properly.
A common symptom is that doing a speed test from somewhere like speedtest.net will show around 1mbps download but normal ping and upload. I also noticed that doing “ping -l 1500 ” would just plain fail when normally it should work. The system should fragment the packet and send it but that wasn’t happening.
What’s the throughput of the VPN?
Can you define “slow” a bit more? What type of VPN are you using (SSL, PPTP, IPSEc)? What is the bandwidth at the VPN server? What is the bandwidth of the end user? VPN will most likely never be as fast as being on the LAN added latency and encapsulation on both ends can bog things down. Then throw in home networks not having that large of a pipe usually on the upload side and things are gonna be slow.
For instance if you are gigabit on your LAN and have say a 100/100 ISP. That is a huge drop in speed right off the top. The for instance say a user has Comcast 100/20, they are gonna have a rough time esp things that require upload. Then factor in multiple users on the same pipe. There might be nothing you can do depending on where the bog down actually is.
More detail will really help narrow down the issue.
(Edit)Reread your issue…thought it was a home vpn issue
Check your firewall settings
Users report Active Directory is slow?
Interesting
What is the latency between an endpoint and your file server. SMB doesn’t handle ANY internet latency well; the lower the latency, the less bad it gets, but it’s never great.
Lol are you me? I’m in the exact same position, helpdesk is filling up and I’ve resorted to just phoning people to describe the issues as opposed to using dameware. What type of vpn connection are you using?
Have you considered the users ISP/modem/router to blame? We have plenty of users who have the low tier of service with their provider. Often we find their home network equipment needs to be rebooted every couple of days. Depending on their service and provide they could have “neighborhood” problems. Too many people in an area using shared bandwidth.
Something else we also setup was we had set our ACL’s to only allow vpn client traffic come into the lan. We disallowed lan to vpn client and vpn client to vpn client traffic.
Same for Pulse - though version 9.1R5 brought a workaround to deploy some XML from the main VPN appliance to the client to help sort the issue.
Users have issues on Ethernet as well. What can I check on the internal network?
If you’re using a hardware VPN/firewall, it’s really hard to know if it’s the hardware that’s holding it back without having direct access.
Are there more users now? Is this a new problem that has occur because of more users.
Is their an update to the hardware or software/vpn or on their site, a list of known issues.
The only other thing I would do is, at appropriate time, reset/reboot the vpn service to see if that helps.