Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 598
  • Last Modified:

VPN latency with Outlook

Hi All,

I have a central offfice running Exchange, SQL and file sharing on a Windows 2k server platform. This office has a 1MB (down stream) satellite internet link. I have a VPN server/firewall (Watchguard) handling VPN duties using PPTP. Connection, authentication and file transfer are fine (although latency affected to the usual degree), but any data handling through Outlook and the SQL agent is really slow. I am fully aware of the latency implications and reason for this, and I think that the slow transfer rate for Outlook is due to the way it or the PC handles packets i.e. it waits for acknowledgement of receipt before sending ther next packet of data. My aim is to find a method of increasing packet size or altering the way the PC's handle packets to speed up the process and get the data through faster. The alternative is to use modems to dial in to, which I want to avoid if possible.

Cheers,

Ben
0
Ben-Higgins
Asked:
Ben-Higgins
  • 5
  • 2
  • 2
  • +3
1 Solution
 
martapCommented:

You could also try lowering the encryption level to see if that speeds anything up.
0
 
lrmooreCommented:
A simple fix to help speed up the  Exchange interaction would be to use a LMHOSTS file on the VPN client. Putting the domain information and netbios names into cache may significantly speed up your experience.
0
 
Dr-IPCommented:
That is typical of satellite links; it’s related to the latency, and the time it takes for the client to respond to the exchange server as the lists a synchronized. The best solution I have found for that problem is use the Outlook Web Client instead.

As for the SQL through a satellite link, that’s even worse, possible solutions are using Terminal Services to access the SQL server so everything runs there, creating a web interface for the SQL server, or a true front end, back end app so all data handling is done on the SQL server. The Terminal Services is the most popular solution as it’s the easiest to implement, even though it’s a real dog through a satellite link, but it’s still light years faster than trying to use an OBC connection.    
0
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

 
fadiramadaCommented:
Do you have your DNS set to an external address?
0
 
winzigCommented:
Problem with the Oulook latency will be solved when the users will be using  2003 in the  cache mode ( there will be  the same user experience when the user is connected over the slow connection as on the lan.)

But there isn't probably way haw to improve SQL latency.
0
 
Ben-HigginsAuthor Commented:
Thanks for your comments so far... In response...

How would you go about lowering the encryption level further than PPTP?

I like the LMHOSTS idea. Is there a link or set of insrtuctions to go with that?

We use highly individual propreitry software with SQL, so a change of front end is not an option. Terminal services is what I use for server admin, but no good for the impatient execs who just want their email now!! Web access is a no-no partially because we have our domain hosted off site and run SBS, and partially because my guys don't want/<can't afford to> only have access to their emails online. We are talking execs who syncs exchange @ home 1st thing, and again at intervals during the day over WiFi or GPRS connections and need constant access to this data.

I use the satellite service providers DNS.

Cached exchange doesn't solve the problem... it still takes an age for the data to sync due to the packet handling mentioned in the question.


I guess i'm asking the impossible but I need a functioning exchange client and if possible SQL access even with the latency problem. Does anyone else know of any VPN standards, or alterations that would allow me to get closer? At present it will take 6-7 secs to bring up a text email in non cached mode and will take an age (i'm talking possible 1 hour plus) to sync in cached exchange mode..... Thanks again for all the suggestions so far...
0
 
Dr-IPCommented:
Where your domain is hosted is irrelevant with it comes to using the Exchange Outlook Web interface for Exchange access as it runs on the Exchange server its self. So instead of launching Outlook to get emails once you are connected to the VPN, you launch your web browser, and put in the name or IP address of the exchange server in it and log in.

The custom SQL app situation it the reason using Terminal Server to solve remote SQL server access issues is the most popular solution. As the cost for a Terminal Server license is a fraction of the cost of rewriting the code. I took advantage of the last rewrite of our database application to move it to a web interface because of remote access issues, so next time you do a major rework of it, you might want to add that to the list. In my situation the added cost was minimal, since they had to rewrite most of the front-end any way, and it made little difference to them to make it work through a web interface.  
0
 
Ben-HigginsAuthor Commented:
Will try the web access to see if it improves the situation...
Terminal server is not an option with this degree of latency, it is just to frustrating to use for these guys. For SQL, can I try using local copies that take published info from the master. If so, how would I do this?

Cheers
0
 
lrmooreCommented:
0
 
Ben-HigginsAuthor Commented:
Thanks for that... I'm away from the office for a few days but will try that upon my return. The replies are not being ignored and are appreciated. Will post again when I have had a go.....

Cheers
0
 
Ben-HigginsAuthor Commented:
Ok,

I tried the LMHOSTS method, but it doesn't seem to make a huge improvement. Does anyone know if you can increase the packet sizes Windows sends over a VPN connection?

Cheers
0
 
Ben-HigginsAuthor Commented:
Hi all,

I seem to have at least improved the situation to a workable level using a combination of various tricks:

1. The LMHOSTS file as suggested by lrmoore
2. Tweaking the RWIN and MTU values to speed up comms
3. Changing the mail protocol to pop3 to eliminate the RPC chatter that exchange uses.

This will do for remote users at this point, for those demanding Exchange syncronistion rather than POP3 i'm going to put a dedicated Branch office VPN link in so that their PC's can update constantly and share the load out over time.

I will award the points ot lrmoore, as even though it wasn't a total fix it definately helped the situation

Cheers
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 5
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now