Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 13192 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SSL Remote Access slow speed on internal servers

Paul Kocher

Hey everybody!

Yesterday I started testing remote access (SSL). This all works fine - The DNS resolves all internal hostnames and also accessing internal servers isn't an issue.

However when I use one of the main programs we use in our company, working with it is really slow.

The program connects to a SQL-Server in the LAN. When I'm on site this takes no longer than a few seconds - using SSL it's stuck for almost a minute.

So I tried copying some files back and forth and realized it wasn't really a speed issue.

 

Also I would say the firewall is set-up correctly.

Since I had slow speed using the VPN on the first try I changed the protocol to TCP and changed the Port, too.

Compression is enabled.

 

Anyone else ran in this problem and was able to fix it?

Searched for answers for hours but couldn't find anything matching my problem.

 

It only really happens when other programs are accessing internal servers.

 

Cheers Paul



This thread was automatically locked due to age.
Parents
  • 0

    Hi Paul,

     

    Yes, tried that too and depending on the application it might not be easy to solve.

    SSL VPN is not really really fast, and it should performance wise run best with the UDP protocol and compression on if you have enough spare cpu resources on the firewall.

    Either way, the lag and bandwidth limitations on SSL VPN generates a pretty steep penalty on SQL traffic.

    You might want to make sure that IPS or QOS it not capturing your traffic as fx. flood.

     

    Remember when you change protocol to also download a new config for your client.

     

    You might want to make sure that your SQL server support TCP/IP connections and not only named pipes, also access it if possible directly on the IP adresse to avoid further lag on dns lookups.

    If neither works, as it was the case here with a financial application locked in most connection setting, we had to setup remote app lunch via rdp for the application.

     

    In our development department we offer the developers to SSH tunnel into their LAN and run sql and development tools thru the SSH.

     

    Sorry, no golden solution from me but maybe a few new places to look and tweak.

     

    Good luck

Reply
  • 0

    Hi Paul,

     

    Yes, tried that too and depending on the application it might not be easy to solve.

    SSL VPN is not really really fast, and it should performance wise run best with the UDP protocol and compression on if you have enough spare cpu resources on the firewall.

    Either way, the lag and bandwidth limitations on SSL VPN generates a pretty steep penalty on SQL traffic.

    You might want to make sure that IPS or QOS it not capturing your traffic as fx. flood.

     

    Remember when you change protocol to also download a new config for your client.

     

    You might want to make sure that your SQL server support TCP/IP connections and not only named pipes, also access it if possible directly on the IP adresse to avoid further lag on dns lookups.

    If neither works, as it was the case here with a financial application locked in most connection setting, we had to setup remote app lunch via rdp for the application.

     

    In our development department we offer the developers to SSH tunnel into their LAN and run sql and development tools thru the SSH.

     

    Sorry, no golden solution from me but maybe a few new places to look and tweak.

     

    Good luck

Children
No Data
Unfiltered HTML