• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 14112
  • Last Modified:

How to speed up VPN connection #2

To connect to a all the files on corporate network, including a large database application, and work from home, I have the following on the notebook.

1. Toshiba notebook: Pentium III chip, 996 Mhz, 768mb Ram
2. SMC Networks EZ Networking EZ Card 10/100 ("allows notebook user to connect to Ethernet or Fast Ethernet networks at 10 Mbps or 100Mbps. Full-duplex support doubles the data rate to 200 Mbps... 16-bit PCI bus...)
3. Cable internet with 8mbps down and 768kbps up.
4. Watchguard VPN program.

Corporate site:
1. Watchguard VPN and firewall.
2. T1 going out to internet (and me)
3. Windows 2000 (not 2003)

It is too slow. See my previous question for some answers to this question, such as using terminal services or remote pc. The corporate sysadmin says no to TLS/SSL based authentication because we don't have Windows 2003, and anyway the method protects servers, but not the network.

It has been suggested by the corporate sysadmin that if I had a Watchguard device at home, thus moving the VPN logic and encryption onto a dedicated hardware device, I might speed things up.

What say you to that?
0
pickwick-systems
Asked:
pickwick-systems
  • 4
  • 2
1 Solution
 
dpk_walCommented:
Having a specialized device which has VPN accelerator built-in would definitely help speed the VPN connection; on the current connection if you reduce the encryption from AES-256 to 3DES; this can also help speed up the connection.
 
One more comparatively less secure way is to use PPTP VPN tunnel rather than MUVPN (IPSec) VPN Tunnel.

You might also want to look at the current upload speed of 768 kbps which looks dwarf when compared with your download speed of 8 mbps.

Thank you.
0
 
grbladesCommented:
How fast is a terminal services connection?

You refer to a database application. I assume it is making database calls over the VPN?
A lot of database applications make lots of very small queries to the database and in these situations it is the packet delay between the client and the server which slows down the application. If this is what is causing you the problem then there is very little you can do other than get the software author to improve the efficiency of the database application by making more use of stored procedures for example.
0
 
pickwick-systemsAuthor Commented:
dpk_wal: I'm looking for a solution that will give me access to the network from home at a speed that is comparable to my in-office access speed - a couple of seconds to open a file in Word, for example. Currently this takes 5 minutes from home. Would installing a T1 make this happen in seconds?  Would reduced encryption make it that fast?
0
Simple Misconfiguration =Network Vulnerability

In this technical webinar, AlgoSec will present several examples of common misconfigurations; including a basic device change, business application connectivity changes, and data center migrations. Learn best practices to protect your business from attack.

 
pickwick-systemsAuthor Commented:
grblades: My access is extremely slow even if I'm just browsing the drives to locate a file and open it with the notepad. It's not just the database.
0
 
dpk_walCommented:
Having a faster internet connection like T1 would help for sure; I cannot assure you if you would be able to open a word document in 2 seconds; however, I can assure you it would not take 5 minutes. You would observe latency but the latency would not hamper your work.

If you wish to go for T1 and a hardware firewall for VPN acceleration then you can configure a Branch office VPN [BOVPN] instead of remote user VPN; in this case as the firewall would do hardware acceleration for VPN, the latency would be further low.
However, I would suggest you to check with your sysadmin if they would actually configure a site-site or BOVPN for you; if they don't then the firewall with VPN acceleration would not help.

I would like to ask if you are making a split tunnel from your home to office or are you making a default route VPN Tunnel; because if default route then even not needed entire traffic is unnecessarily going over the VPN. Configuring split tunnel would help as the amount of traffic going over the tunnel and hence getting encrypted/decrypted would reduce and hence speed up the things.

I would also like to check to make sure your machine is not affected with malware/spyware/virus etc., as this would again ensure unnecessary traffic would not be routed over the VPN tunnel.

Final thing that I need to check is: do you use your local machine [the one which acts as client for VPN tunnel] for communication OR you just remote desktop to your work PC from your local machine and then do the work. The reason I ask, is because if it is remote connection then only RDP traffic flows over VPN tunnel and all the database query and other connections go over your office network only.

Please advice.

Thank you.
0
 
pickwick-systemsAuthor Commented:
1.do you use your local machine [the one which acts as client for VPN tunnel] for communication OR you just remote desktop to your work PC : I do not remote desktop to my pc. The notebook that I use at home is the same one I use in the office.

2. make sure your machine is not affected with malware/spyware/virus etc. It isn't. it has all the protections of any other pc on the office network, because that's where it is usually docked.

I am unable to answer the other questions myself. I'll have to wait until monday to ask the sysadmin.
Thanks for your help.
0
 
pickwick-systemsAuthor Commented:
The sysadmin feels that gotomypc is secure enough. I just tested it, and it is much, much, fsster than the vpn setup. I'm going to use it for now.  
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now