• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2714
  • Last Modified:

Slow VPN Over ADSL

Hi.  In connecting a XP Pro client over a 2048 ADSL connection to a Win 2003 file server the file transfer rates are incredibly slow (50Kbps).    Is this maybe an ISP limitation or is there something I could configure to make this connection usable?
5 Solutions
Usually an ADSL line has limited upload speed, this is likely restricting the VPN
Well, by design, ADSL (Asymmetric Digital Subscriber Line) does not have equal bandwidth for uploads and downloads. Generally, the upload bandwidth available is much lower than the download bandwidth.

You may want to go test your upload bandwidth on your XP Pro client by going to a site such as the following:


You can gain a 30-40% speed improvement by using a lower encryption level in IPSec than the maximum allowed.  For many applications, this medium encryption would be fine.  Test the DSL speed with a 100MB download on both sites.  If you are not getting 158.6 MB /sec, it is not running to full speed.  You might be toward the end of the DSL line, which means slower speed.

"Is this maybe an ISP limitation "

Yes some ISPs do choke bandwidth, but generally on ports 80 and 25 (for HTTP and FTP servers), usually not for the VPN ports.  But you could always ask them.  Some like southwest bell deliver bad DSL service for VPN use, they are supposed to give dedicated IP, and they dont do it, even if you pay for it.  If you are not using a dedicated IP at both ends of the tunnel, this will SERIOUSLY impair your VPN speed.  Also, if you are using dynamic DNS or something like that for an IP, since their server is in India, it could hamper the VPN speed.
What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Rob WilliamsCommented:
Test to see if you basic VPN connection is OK. Ping a device at the remote site through the VPN tunnel. For reasonable performance you should see less that 125ms response time. A good connection is less than 50ms. If longer than 125ms you will need to look into why, and possibly even look at other service providers.
Win 2003 Server
        V (What is the Upload speed)>>>>>>>>>>>Variable 1
(  Internet)
        V(IPSec/bit Encription) >>>>>>>>>>>>>>>Variable 2
(ADSL/2Mbps)(Upload Speed, Variable 3 when transfering the file from Client to Server)
(Application, FTP, Windows Explorer, etc)>>>>>>>Variable 4, For each different Application the Speed varies

How do you do file transfer ?
On my VPN connections (2300 kbit ADSL) I do Windows file Transfer (Windows Share -> Network Drive) only as fallback because Windows is somewhat stupid when the latency of the connection is a little longer (longer than the usual 0.5 ms on an ethernet). Plus, Windows Network (SMB protocol) produces a lot of overhead (I think +20-50%) on the net.
Try transferring files with FTP, if you can install an FTP server on the Windows 2k3 Server.
Another method: try UltraVNC http://ultravnc.sourceforge.net/ and use it's integrated file transfer mechanism.
I admit that it is somewhat cumbersome to open a VNC session, then to open the file manage and copy the file, but it may get better network speed.
Check with your server's adminstrator if installing VNC (which would also give you access to the machine's desktop) ist appropriate. Maybe it is ?
You may have a packet fragmentation issue. DSL, or more specifically PPPoE and VPN add headers to each packet. If you have not lowered your MTU then each packet will have to be broken up for transmission by your client and reassembled at the host. That takes bandwith and effort. This is described in more detail at http://en.wikipedia.org/wiki/MTU_(networking).

Your MTU can be determined by pinging your host with the -f flag (for do not fragment) and the -l flag with a number of bytes to send, eg:

   ping -f -l 1500 <servername>.

With 1500 as packet size you'll see something like "Packet needs fragmentation but DF set". Now lower your packetsize with 10 at a time until you see a normal ping result. Then increase your packetsize until you see the error message again. Your maximum packet size is the last packetsize that you saw without the error. Your MTU is the maximum packet size plus 36.

Typically you can configure your VPN client software to use a lower MTU size. Cisco provides a set mtu utility for their client. Microsoft provides a step by step guide for their vpn client at http://support.microsoft.com/default.aspx?scid=kb;en-us;826159 .
Sam PanwarSr. Server AdministratorCommented:

speed slow is depend on the following

1. Your computer hardware profile .
2. If you are using firewall or proxy then use limited filters
3. If you are using internet antivirus security then its also reduce speed and bandwidth.
4. Automatic updates like critical and service pack which is run in window so stop these.
5. Cable and equipments like hub and switch check the following connections

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now