Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 14988 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

OpenVPN: Slow external (via Internet) connection via VPN (UDP and TCP / with and without compression)

MarkusSchlüter1

Hi there,

although I have a 100MBit (down) / 40 Mbit (up) Internet connection (I get at least 89 / 35) the network speed via VPN tunnel (over LTE 300MBit or another stationary Internet connection 150MBit / 10 MBit) is horrible slow (max. 6 MBit up and down).

I already tested to enable / disable compression, used TCP / UDP protocol and change the cryptographic settings (Key Size, etc.) -> nothing helped...

I did not configure a QOS setting for the firewall rules allowing the traffic between WAN / LAN.

 

Any ideas?



This thread was automatically locked due to age.
Parents
  • 0

    Just for testing purposes, can you go to 'Show VPN Settings' in VPN and in 'Cryptographic Settings' try reducing the key size from the default (2048) to 1024 and check if it improves the performance ?

  • 0 in reply to Anish Deval

    Hi Anish,

    thank you for trying to help.

    I already gave that a try - no improvement at all :-/

    Cheers,

    Markus

  • 0 in reply to MarkusSchlüter1

    Hi,

    Can you please check the Window scaling in the console?

    show advanced-firewall

    Could you please give us more information about the traffic type, you use to see such a slow speed? CIFS, TCP Download, UDP Download?

    Cheers

  • 0 in reply to LuCar Toni

    Hi ManBearPig,

    thanks for trying to help me :-)

    The traffic is slow for SFTP, CIFS (SMBv2), TCP and UDP (stream video e.g. via Skype or Amazon Prime)...

     

    show advanced-firewall output:

    Strict Policy : on
    FtpBounce Prevention : control
    Tcp Conn. Establishment Idle Timeout : 10800
    UDP Timeout Stream : 60
    Fragmented Traffic Policy : allow
    Midstream Connection Pickup : off
    TCP Seq Checking : on
    TCP Window Scaling : on
    TCP Appropriate Byte Count : on
    TCP Selective Acknowledgements : on
    TCP Forward RTO-Recovery[F-RTO] : off
    TCP TIMESTAMPS : off
    Strict ICMP Tracking : off
    ICMP Error Message : allow
    IPv6 Unknown Extension Header : deny


    Bypass Stateful Firewall
    ------------------------
    Source Genmask Destination Genmask


    NAT policy for system originated traffic
    ---------------------
    Destination Network Destination Netmask Interface SNAT IP

     

  • 0 in reply to MarkusSchlüter1

    Hi,

     

    The traffic is slow for SFTP, CIFS (SMBv2), TCP and UDP (stream video e.g. via Skype or Amazon Prime)...

     

    So you talking about a Client, who uses SSL VPN to connect to the XG and uses the tunnel to build up a Connection to the internet?

    So the XG is the default gateway for the client in the internet? Basically you have an issue with all the traffic, which goes through the XG to LAN/DMZ/WAN from VPN, correct?

     

    Cheers

  • 0 in reply to LuCar Toni
    Problem seems not to be the VPN tunnel itself: Direct remote access via WAN port and business rule (access to WAN port IP address redirected to NAS) is also slow...
Reply Children