OpenVPN SSL slow over the pond

Question

Hey People. 
 
 It's great to have a good community here. 
 Hopefully you can help me this time? 
 
 We are facing really weird issues related to bandwidth over OpenVPN. 
 
 We have 1Gbit upload. It seems that the more latency the connected client has, the more the bandwidth suffers. 
 We tried different setting of encryption, no change. We have CPU load on the UTM always ~10-20%... 
 
 If it goes well I'm getting 1-1,5MB/s (MegaByte)...but often it's stuck at ~2-400 KB... 
 I added IPS exceptions, checked packetfilter and ips logs. There's nothing being dropped or so! 
 
 Any idea what this could be? 
 
 Cheers 
 David

sachingurung · Answer

Thanks for the information, hence, the issue is when accessing the internal resources through the VPN tunnel. 
 What is the DNS configured on the UTM and the remote systems when they connect does changing them to internal DNS server IP address (If available)helps you? 
 
 Test for irregular latency on the network:- Using traceroute/tracert and ping - from the UTM to server, from VPN connected system to server, from internal client to server. Make note if there is a significant difference in speed between the different hops. 
 Test for packet loss using continuous ping. From the UTM to server, from VPN connected system to server, from internal client to server. 
 Review packetfilter.log and ips.log for interesting packet drops for the connected client's IP address. 
 
 Next, if the server are behind eth1, show me the output of "ifconfig eth1" and "ifconfig tun0". 
 Thanks