[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 74
  • Last Modified:

Connection timeouts with mobile vpn users

We just setup a colocation and all connections from our main site to colocation site seem fine.  When remote user connects I start getting timeouts.  Here is the setup.
At main office we have a Watchguard router, at colocation is a Fortigate router.  The gateway and tunnels are setup for site to site between the 2 and it works.
At the main site on the DC, I have sites and services configured accordingly.  The main site subnet is 192.168.0.0/24 and the remote site is 192.168.10.0/24.  I moved one of the DC's into the server portion of the remote site.  When I connect using the WatchGuard VPN client I get assigned an address on the 192.168.113.0/24 subnet.  I can see all servers and access all machines on the .0.0/24 subnet without issue, when I try and hit the servers on the 10.0/24 subnet I get a few replies and then couple timeouts.  If I try a continuous ping I may get up to 12 replies before getting 2-3 timeouts and then replies again.  Also, if I run a continuous ping from my machine at the office (on the 0.0/24 subnet) I get all replies but will start getting some timeouts if someone connects via the WatchGuard VPN client.  
I am hoping I am just missing a step as this is becoming frustrating.
If anyone can provide any insight it would be greatly appreciated.
0
joeyj1970
Asked:
joeyj1970
  • 3
  • 2
1 Solution
 
John HurstBusiness Consultant (Owner)Commented:
You may need to turn NAT traversal ON. Also a site-to-site tunnel will use MAIN Mode. Mobile users use AGGRESIVE Mode. Make sure the mode is correctly set.
0
 
joeyj1970Author Commented:
Thank you John, I will give that a try tomorrow.
0
 
John HurstBusiness Consultant (Owner)Commented:
Please let us know after you have tried. Thanks.
0
 
joeyj1970Author Commented:
John,  We switched to Aggressive mode and latency still existed.  Turns out they had something wrong on the Fortigate tunnel side.  Once they removed the Tunnel and reconfigured in a different manner, I no longer received any packet loss when remote.'
Thank you for the suggestion.
0
 
John HurstBusiness Consultant (Owner)Commented:
Thanks for the update and I was happy to help
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now