Re: L2TP/IPSec RAS VPN speed boost?

Tech-Archive recommends: Speed Up your PC by fixing your registry

Make sure you disable "use default gateway on remote network" on the clients
VPN connection settings (properties > networking tab > tcp/ip > advanced).
Doing this means that normal web traffic, including downloads, only goes
through the clients own internet connection, and not over the VPN. I noticed
on our VPN, slowed things down considerably, imagine all the unnecessary
encryption and compressing that would have to go on! After all, there is no
need to a VPN user to browse the web through the VPN! It's faster for them,
and free's up addition bandwidth for everyone else!

Ben


"DL Meade" <subtractthisnospamdmeadedeletethis@xxxxxxxxxx> wrote in message
news:u$arjA66FHA.2716@xxxxxxxxxxxxxxxxxxxxxxx
> Home office
> -Win Server 2003 SP1 (std edition)
> -2.66 Ghz / 500MB RAM
> -ISA Server 2004 Std Edition with SP1
>
> Remote user:
> - Win XP SP2
> - 2.4 Ghz / 500MB RAM
> - Cox cable modem
> - Cable modem speedtest is 1900 kbps down, 500 kbps up (via speakeasy.net)
> with no VPN active
> - Certificate installed via Tom Shinder's articles from our Exchange 2003
> server (for VPN)
>
> Our ISA machine is never under a load and it performs well. Months ago,
> we
> setup a L2TP/IPSec VPN with a certificate from our Enterprise CA on the
> Exchange 2003 server. We also run forms based OWA all using
> isaserver.org's
> articles.
>
> From the remote machine, I happened to notice that when the VPN is active,
> downloads (and uploads) move at about 40% line speed (from/to the home
> office). When I download from the web, its closer to line speed. So the
> VPN processing is slowing it down considerably.
>
> We will be retasking the ISA server machine (for other reasons) and I get
> to
> spec out new hardware for ISA. All is well but I would like VPN to work
> much faster. I would think that the VPN encryption/decryption on each end
> is slowing it down. Perfmon doesn't really reflect this and I am just not
> so sure. We have a 100 user LAN, a handful of VPN users (<5), and run
> OWA -
> all on a T1.
>
> Can anything be done to boost VPN speeds? Should I buy more ISA machine
> (CPU/RAM/a special VPN card)?
>
> Thanks,
> dmeade
>
>


.

Relevant Pages

  • Re: Error 721 when logging into Server 2003 VPN
    ... When a remote vpn user tries to connect he gets error 721 "this ... two NICs could be causing the problem. ...
    (microsoft.public.windows.server.networking)
  • Re: Remote access using VPN
    ... Just make sure that the VPN User receives the correct DNS and WINS settings ... It would perform faster if the VPN User connects to a Terminal Server after ... VPN Users are subject to the ISA Access Rules just like anything else ...
    (microsoft.public.isa)
  • VPN still unable to browse
    ... I've come to the conclusion that my ISA server install must be screwed ... up if I can't find a solution to my VPN issues. ... When the VPN User connects to the server, ... the ISA server logs dozens of Spoof Attacks ...
    (microsoft.public.isa)
  • Assign VPN client static IP on cluster
    ... I know I can assign a VPN user a static dialin IP in AD users and computers. ... I have two clustered ISA servers. ... Lets call them ISA1 and ISA2. ...
    (microsoft.public.isa.enterprise)
  • Assign VPN client static IP on cluster
    ... I know I can assign a VPN user a static dialin IP in AD users and computers. ... I have two clustered ISA servers. ... Lets call them ISA1 and ISA2. ...
    (microsoft.public.isa.enterprise)