?
Solved

VPN Speeds Slow

Posted on 2013-12-31
5
Medium Priority
?
267 Views
Last Modified: 2014-02-05
Internet connection at home is around 20mb down and around 10 up. Internet connection at work is around 20 down and around 20 up. Tested via speedtest.net.

When I connect to my VPN from home, the speedtest I get is 3mb down and 3 up. I understand there will be a little latency because of running through the VPN and my corporate internet, but that seems drastic.

Any thoughts on troubleshooting speeds? Where to start?

Cisco equipment (Older Concentrator) IPSEC
0
Comment
Question by:bcrosby007
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39748318
First, speedtest.net is not reliable for an accurate test. There are way too many variables in play such as the browser in use, multiple threads, TCP vs UDP, load on the far end test server, etc.

That all being said, I am assuming from what you are stating, that to get to the Internet test site, it is as follows.

PC --> BB Router --> Internet --> VPN Concentrator --> Internet --> Speedtest.net....

and the return path is...

Speedtest.net --> Internet --> VPN Concentrator --> Internet --> BB Router --> PC

Now there may be a router/gateway device in front of your VPN concentrator, but you didn't mention that. Is this correct?

As you can see, getting to and from Speedtest.net, your using up/down bandwidth bi-directionally each test, upload and download, which will cut down the amount of available bandwidth for the work side Internet capacity. Not to mention that other users at the office are using that capacity as well, depending on if there are users there during this time. You didn't mention a specific time, so again I am assuming here.

Yes, there would be encryption latency going over the VPN, however your concentrator is probably NAT'ing/routing as well to get your traffic to the destination, which may increase the overhead on the older concentrator as well.

Again, I am making some assumptions here based on the information provided. If you have additional information, please provide and I can help further. I hope this helps to understand what may be occurring here.
0
 
LVL 7

Author Comment

by:bcrosby007
ID: 39748342
Correct on the data path. I do not employ any split tunneling. The concentrator basically straddles my ASA.
It takes around 5-10 seconds to open a 2 mb image file over the vpn. Whereas when you open an image from the internet (not connected to the vpn), it is almost instantaneous. It just seems like there is a ton of overhead even though the internet connections are decent.
We have fiber built into my corporate network and we pay for 20 down and 20 up, but actually receive 20 down and over 150 up..
 
Wasn't sure if there was a easy way to make sure that the concentrator isn't junk.
0
 
LVL 6

Expert Comment

by:Jordan Medlen
ID: 39748377
What does the "sh proc cpu" output look like on the concentrator while connected? What about the memory utilization? Can you provide "sh int" output as well?
0
 
LVL 7

Author Comment

by:bcrosby007
ID: 39748405
The concentrator only has 64 mb of ram. CPU utilization is virtually zero.
0
 
LVL 6

Accepted Solution

by:
Jordan Medlen earned 1500 total points
ID: 39748412
What about Internet consumption by the rest of the users? Where does that sit?
0

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question