Forinsight
asked on
VPN: which specific services and ports should be given priority
asus vpn router rt-n16 has traffic priority regulator as the attached snapshot shows.
but i don't know specific services and ports to be given priorities and what bandwidth u/d capacity should be specified. i know that i need to specify upload should be maximized but how?
my comcast cable has the following throughput:
upload: 5+mbps
download: 30 mbps
shared folders to be accessed are in windows 7 shared folders in a workgroup
vpn clients access via this router the shared folders for:
intuit tax proseries.
currently i can see that all go to the tunnels. even my clients use my comcast connection internet when they connect via their windows vpn client. when they use speedtest.net, they see my comcast provider and not theirs.
this is the reason why it takes so long to load remotely the files because the upload is merely 1.5mbps.
vpn-servicice-traffic-QoS.jpg
but i don't know specific services and ports to be given priorities and what bandwidth u/d capacity should be specified. i know that i need to specify upload should be maximized but how?
my comcast cable has the following throughput:
upload: 5+mbps
download: 30 mbps
shared folders to be accessed are in windows 7 shared folders in a workgroup
vpn clients access via this router the shared folders for:
intuit tax proseries.
currently i can see that all go to the tunnels. even my clients use my comcast connection internet when they connect via their windows vpn client. when they use speedtest.net, they see my comcast provider and not theirs.
this is the reason why it takes so long to load remotely the files because the upload is merely 1.5mbps.
vpn-servicice-traffic-QoS.jpg
ASKER
although this recommendation is not proper for the issue involved, i tried it and found it to have made no difference.
if you use this and configured your vpn clients this way, you would immediately see read in the instructions that your client will be forced to use the remote gateway ONLY when it can not be sent to the LAN.
ANY MORE BRIGHT IDEA, please....
if you use this and configured your vpn clients this way, you would immediately see read in the instructions that your client will be forced to use the remote gateway ONLY when it can not be sent to the LAN.
ANY MORE BRIGHT IDEA, please....
ASKER
please answer the question here and take a look at the snapshot. please..... no one has indeed answered the question!
I can't answer the original question until you answer my follow up question. What type of vpn connection is this (SSL, IPSEC, PPTP, etc...)?
Removing the remote gateway as the default does have a huge bearing on bandwidth at the remote site. If the remote gateway is set as the default then ALL internet traffic from the client will traverse the VPN and use bandwidth at the site. Remember the internet is not on the LAN; it's on the WAN. If you pull up a website this is a WAN connection but does not need to use the VPN therefore should hit your LAN gateway only and not the remote gateway. This is commonly called a split-tunnel VPN. You also will not see a benefit from re-configuring just one client; you have to re-configure all of them to see the bandwidth drop.
Please remember the experts on this site are volunteers and receive no compensation so please be courteous in your replies even if you don't fully understand why someone posted something.
Removing the remote gateway as the default does have a huge bearing on bandwidth at the remote site. If the remote gateway is set as the default then ALL internet traffic from the client will traverse the VPN and use bandwidth at the site. Remember the internet is not on the LAN; it's on the WAN. If you pull up a website this is a WAN connection but does not need to use the VPN therefore should hit your LAN gateway only and not the remote gateway. This is commonly called a split-tunnel VPN. You also will not see a benefit from re-configuring just one client; you have to re-configure all of them to see the bandwidth drop.
Please remember the experts on this site are volunteers and receive no compensation so please be courteous in your replies even if you don't fully understand why someone posted something.
ASKER
using PPTP rncsween. have i been discourteous? sorry if you think so. but, i never said anything that invites your ire. but that's not the issue.
ASKER
indeed i'm thankful for the job you're doing. i may sound irreverent but not discourteous. perhaps it's the inflection of the language or shall we say language cultural background. it's different when your hear me speak. sometimes we bow our heads to show respect and courtesy to our fellowmen. but how do i do that in writing english. it's second language to me. but next time i'll do my best to craft my sentences more politely... but i don't know how i can do that.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi mcsween. Is that correct; "highest priority to port TCP 47" ?
Port 47 is a special NI-FTP service.
PPTP's GRE is Protocol 47, neither a TCP or UDP protocol
PPTP is TCP port 1743
Cheers!
--Rob
Port 47 is a special NI-FTP service.
PPTP's GRE is Protocol 47, neither a TCP or UDP protocol
PPTP is TCP port 1743
Cheers!
--Rob
On your VPN clients you want to configure them to not use the remote gateway as their default, unless you want all their internet traffic to go over the VPN first. In Windows the setting is buried a couple screens and buttons in. See the screenshot from this link.
http://www.solo-technology.com/blog/2009/08/14/windows-vpn-tweak-dont-use-remotes-gateway/
Removing the remote gateway option might fix this issue so you don't need to set a CoS.