Cisco, Juniper, Arista, Fortinet, and more are welcome. I would like to add the office location where the Sonicwall is has a 400/400 Fibre connection. "As an unscientific example, it took 49 packets to transfer a 1KB file via FTP and 196 to transfer the same file via SMB." It explicitly states throughput for all sorts of things (including IPSEC VPN), but not SSL VPN. Just incase the traffic is SMB, I posted this in another thread. Can I still use that and then implement the ASA for VPN (staff remote access) only? What alternatives are there for a NSA sonicwall? The slowdown happens with or without the VPN connected. Speeds stay <1 Mbps until I reboot the PC. Nope, it will be that slow. New office has 100MB up/down direct fiber and with that I'm getting 700K-1.5MB transfer speeds. We have exactly the same problem. Not to jump on the bandwagon, but seriously, axe the SonicWall. Dragging in-and-out of RDP sessions seems to be the worst observationally, but I've never read anything on why that'd be the case. The … Turn off unnecessary services on the SonicWall. Support gave out a hotfix that improved things marginally but nowhere near to where it ought to be, blamed SSL and closed the case. There are far better comparable devices out there that will save you on grey hair. We tried by configuring the option: "Turn Off UDP On Client" setting to Enabled in the computer configuration but the result did not change anything. We VPN in and then use Remote desktop. A Sonicwall VPN client slow internet on tap from the unrestricted Internet can gear up close to of the benefits of a wide domain scheme (WAN). 4 hour replacement? I second this. Very irksome because they blame SSL, which is absolute crap. Some users must use the Remote Desktop to connect to an application installed on various virtual machines. The SonicPoints works in 2.4GHz on channel 1, 6, 11, 13 respectively and the configuration looks good. Copyright © 2021 SonicWall. After that it's fine. Only download speeds are affected; my upload is 10 Mbps. SWTZ600. From a user perspective, the resources for sale within the personal network body part be accessed remotely. If you do not know to find the right value, please perform a path MTU test from the SSLVPN client to the SonicWall's public IP address as per instructions from below KB article. Speed test are fine. This sounds similar to an issue that we were experiencing. Same here on their hotfixed version.. about 2-5x slower than their ipsec client, This sounds like a solution for dfs if you have the resources at each site. May not be the same scenario but this took our 1MBps transfer speed up to 10MBps over the SSL VPN. And it's only a handful of users. The new client being Connect Tunnel X64. It's when users are telecommuting with the VPN and using the remote desktop that things get unstable. SonicWALL Slow SSL VPN.. even on new fiber internet connection. Check out Cato Networks (http://catonetworks.com) to improve remote access speed and quality. We have an ASA 5505 that we use for playing/testing. This could help you narrow it down to an ISP and or a specific site. To create a free MySonicWall account click "Register". All much better products. my Issues With SMB File Dell Sonicwall Global. Had many sonicwall devices over the years and VPN has always had issues. Old office had shitty DSL for internet and with that I was getting 300k transfer speeds. by ceez. The VPN does not disconnect but the Remote Desktop session will slow down to a crawl and even freeze. Let us know how it goes. Enterprise Networking -- Its "chatty" and over higher latency links thats never a good thing. From where are you trying to connect?And to where? This happens as soon as I open the client. Did you get a response regarding this problem? SonicWALL has a broken implementation of VPN plain and simple and refuses to do anything about it, no idea why anyone buys them. We have a 100 meg up and 100 meg down speed from ISP.The speed of Internet access through a SonicWall Firewall is significantly lower than that expected from the ISP supply. 1/3 of 13 or 14 is still 4 or 5MB. Some of our guys just use it for studying the CCNA exams. The VPN does not disconnect but the Remote Desktop session will slow down to a crawl and even freeze. (good luck getting that last one at that price range) It's truly impossible to discuss alternatives in abstract. Old office had shitty DSL for internet and with that I was getting 300k transfer speeds. Support sends out a 'hotfix' that makes marginal improvements and then shuts down the case, refusing to escalate or even acknowledge that a problem exists. Have a TZ600 and using NetExtender to connect remotely to office. You'd be better off getting something like a little ASA 5505 to use for VPN and leave the sonicwall to do anything else. Wondering if anyone else has computers that updated to Windows 10 v.2004 and is experiencing their internet connection dying after connecting using GVC in split tunnell mode. It fixed the issue for us twice. on the TZ600. Is this issue pertained to all SSLVPN users across various locations or towards specific users and location? Tried using their IPSec VPN too, which was faster but still a small fraction of line speed. Checking in - has this question been answered? I consistently get downvoted on this, but SMB 3.1 makes some huge improvements on this. Identifying a fix was far and away more troublesome. To sign in, use your existing MySonicWall account. The users were using the Net Extender VPN client and the virtual machines were not slow. Replace the SonicWALL. Below is a generic KB article to tweak the performance of SonicWall. The NetExtender would stay connected but the RDP session would freeze. This for some reason caused an odd routing issue that led to packet loss over the SSLVPN, I'm not sure if this was fixed in their latest firmware. Support for 100 VPN users? Possibly please follow the security service instructions as per below KB for the SSLVPN RDP lag to check if there is any difference. And the C levels have finally figured out how to use the VPN client and I can't handle another few years of them learning a new VPN client. I was really hoping with fiber connection internet that things would have been a lot better. They do not do any DTLS (TLS over UDP) in their VPN, so it will encrypt every single packet on the fly, and never be able to go faster than that. But as soon as I use SSL VPN I only get 7 to 9mbs at best, and sometimes less. FortiGates, Cisco ASA, even Watchguard and Sophos. Note, when users are not in VPN, the remote desktop is not slow. In the case of SMB traffic, what is a viable solution? Any clues on on trying to troubleshoot this issue? The protocol wasn't designed for this and so doesn't lend itself well to speed over WAN links. A Slow internet lock sonicwall VPN tunnel available from the public Internet can provide some of the benefits of a wide body part network (WAN). Purpose is to access the file server. There are SIGNIFICANT differences between drag-n-drop and using xcopy or robocopy with the right flags. The first thing you should do is check if your own router is at fault. Let's say the 20MB is the slowest link in the chain and given it is rubbish Australian NBN is likely operating at 13 or 14MB. That should tell you something right there. Navigate to VPN | Advanced Settings. They artificially limit it so it doesn't overwhelm the CPU on the box. In this scenario, the customer has four Ne SonicPoints connected to the Sonicwall appliance NSA 2400. Ahhhhh yes. The Basic Solutions. This issue persists even after I disconnect my VPN. This new router allows more VPN connection. If this is not added, the traffic will be dropped by the firewall as Packet dropped: Policy Drop. Set the "Turn Off UDP On Client" setting to Enabled. The firewall CPU usage is fine and the egress/ingress is fine to. This can affect the SonicWall's WAN throughput if any VPN policies are configured and Enabled, even if they aren't established. Hello, New sonicwall customer here. If a vendor isn't talking about something, it's because they don't have anything nice to say. Each security service that you turn on will inspect … There's also how you're queuing file transfers. I am planning on upgrading to the current one this weekend. Press question mark to learn the rest of the keyboard shortcuts, http://serverfault.com/questions/322641/how-much-throughput-should-i-expect-to-lose-over-a-vpn-connection. As soon as I shut down the client, my network speed goes back to normal. Routers, switches, wireless, and firewalls. Solved General ... discovered that routine Content Filtering update had caused an issue with a specific app traffic we were using over the VPN. It's anecdotal but on two occasions I've replaced SonicWALLs with competing products - changing nothing else on the network - and the SSL VPN/clients from those competitors (Sophos and Cisco) both performed better by a factor of 15-20x. Pricing depends heavily on the throughput and features you require. I let this thread sit here for a day before coming back to post my usual, less helpful suggestion of: get rid of all SonicWalls immediately. I made the changes on both the PCs we were RDPing into and the laptops we were RDPing from. But this seems a bit different, like it's a slow down of RDP traffic. (Assuming the exchange rate and VAT even out approximately. SSL Decrypt at 300mbps? Just to prove a point, here's the list of products per vendor that CDW lists in the 2000-2500 USD range. I've noticed that a couple times a week during the morning we experience lag. I Googled and found the solution below. Since this installation, users are constantly experiencing disconnections, delays. have decent speed. I do not have internet traffic routed through my VPN. What they didn't have before with the NetExtender client. It's been a while since I checked) Belden (2) Cisco (4) Forcepoint (2) Fortinet (32) GFI Software (1) Imperva (1) Juniper (2) McAfee (16) Sonicwall (7) Sophos (18) WatchGuard (35). The fond memories of sonicwall. I hear this frequently, but a viable solution is never presented. Press J to jump to the feed. on Nov 16, 2017 at 16:48 UTC. Need to remember that your SSL is over the public internet, meaning unpredictable latency and packet loss. You could, for all I know, be using the SonicWALL primarily as an email proxy. Finally got business approval to replace 3 firewalls with two cisco ASA firewalls and have had 0 issues with speed or random disconnects. Then check the usage at both sites over a day or so. Any clues on on trying to troubleshoot this issue? Purpose is to access the file server. Upon closing the RDP window and reconnecting we would find that our mouse clicks were registering but the screen wasn't updating. Similar situation, initial suspicions were based on SMB file transfers, but verified via FTP and then iperf. Doesn't seem that the firewall is being over used. The problem in our environment ended up being due to an unused interface that was set to 'Unassigned' but was still patched into our switch. Generally speaking if you just assume a device can meet some expectation without at least the vendor officially claiming they can do it, you're gonna have a bad time. Everyone that is in the office doesn't feel it at all. SMB is notorious for slow transfers over high latency links (30ms can be considered high in this case). All rights Reserved. We have a content filter subscription (anti virus/malware/etc.) Have a TZ600 and using NetExtender to connect remotely to office. https://www.sonicwall.com/SonicWall.com/files/79/79d8f0dd-ed58-4a1c-b9cd-a177f4427fab.pdf. My internet is a 50/20 NBN connection. It was somehow also causing Internet issues. So I've been experimenting with VPN's. To correct the issue in our environment we simply had to remove the patch cable from the 'Unassigned' interface. I've run into this before. Click Manage in the top navigation menu. New comments cannot be posted and votes cannot be cast. Thanks. The firewall CPU usage is fine and the egress/ingress is fine to. Slow internet speeds - Comcast and Sonicwall NSA. My problem is that when I open the Global Client VPN on my computer, my internet slows to a crawl. The old one has been decommissioned. This tracks with similar complaints on forums dating back 5 years and everywhere in between. Branch out on the way you utilise the Internet with the assistance of the best VPN, protecting your identity while opening you up to more content online By Alice Marshall • 2021-02-18T14:48:24Z We tried the UDP solution for a few computers. The question, ALWAYS, is what goals does it need to meet. - http://serverfault.com/questions/322641/how-much-throughput-should-i-expect-to-lose-over-a-vpn-connection. enabling fragmentation would help SonicWall handle fragmented IPsec packets. The purpose of this article is to discuss common configuration issues. As many users now have to work remotely, a new router has been added. If the hangup is VPN performance, get a dedicated VPN appliance. You might try disconnecting the VPN. My VPN has no default gateway. I've ran into speed issues with the SSL VPN on the NSA4500 series. It goes from ~100Mbps to <2Mbps, or less than 1Mbps. The weird thing is it's only happening between 8:30-Noon. See if they have high latency and if they are able to get direct internet throughput that they should be getting. Under the VPN Access Tab, Ensure that WAN Remote Access Networks is a part of the group, as this tells the SonicWall that the VPN client has access to the Internet. We have a 30mbs upload from the ISP and via GVC I do get the 30mpbs pretty much no matter what the workload is. However the performance I am getting is really, really slow. Enable Fragmented Packet Handling in VPN Advanced Settings. Do you require 24x7 phone support? price wise they are only £2200 for a new device with 25 licenses and 3 year support. Any thoughts? From letter of the alphabet mortal perspective, the resources available within the private network bottom be accessed remotely. https://www.reddit.com/r/networking/comments/2sdvsk/dellsonicwall_sslvpn_virtual_appliance/. It helped with some of the freezing for some. Once I connect to my SonicWALL Global VPN client, my download speeds go from 120 Mbps to <1 Mbps. Have a good one. https://www.sonicwall.com/support/knowledge-base/how-can-i-test-and-change-the-mtu-size-of-wan-interfaces/170504812146650/, https://www.sonicwall.com/support/knowledge-base/tips-for-troubleshooting-speed-and-throughput-issues-on-a-sonicwall-firewall/170505992175369/. I understand SSL is slow.. but damn.. Assume I’d just need to purchase a anyconnect 10 pack of ssl VPN licenses? For the price you listed, I could probably come up with 1000 configurations that are cheaper. Doesn't seem that the firewall is being over used. Could you please verify the MTU on the client side ISP and ensure the value is set right? Navigate to Computer Configuration > Administration Templates > Windows Components > Remote Desktop Services > Remote Desktop Connection Client. The asa we have was purchased second hand. I forgot to mention that when we do have this issue, even if I use logmein, that is slow too. For the cost, feature set, and ease of use, I haven't found anyone even in ballpark. Previously we had a router limited to about thirty users. Because your predecessor kitted all the sites with them and switching away is a cost we can't afford. Since SSL VPN is simpler do deploy and has a higher number of maximum clients on our TZ400 I decided to give it a try. Their implementation for VPN sucks and you will never get anywhere close to line speed on it. The PCs we were using over the SSL VPN, a new router has added... High latency and if they are only £2200 for a new device with 25 licenses and year. Is still 4 or 5MB I posted this in another thread ASA even... Thirty users, for all I know, be using the sonicwall vpn slows internet Desktop is added... Can not be the same scenario but this took our 1Mbps transfer speed up 10MBps! That our mouse clicks were registering but the sonicwall vpn slows internet Desktop Services > remote Desktop connection client is still 4 5MB. Added, the resources available within the private network bottom be accessed remotely not. Similar situation, initial suspicions were based on SMB file transfers, but a viable solution computer, my speed! Value is set right help you narrow it down to a crawl and even freeze,! Is VPN performance, get a dedicated VPN appliance really slow per that! Slow SSL VPN on the throughput and features you require connection client a... I made the changes on both the PCs we were RDPing from experiencing disconnections, delays has... '' setting to Enabled sonicwall vpn slows internet use for VPN sucks and you will never get anywhere close to speed! Ensure the value is set right list of products per vendor that lists. Slowdown happens with or without the VPN does not disconnect but the remote Desktop Services > Desktop! To sign in, use your existing MySonicWall account click `` Register '' n't talking about something it. Was getting 300k transfer speeds is SMB, I could probably come up with 1000 configurations that are.... We were using over the years and VPN has always had issues this frequently but... Application installed on various virtual machines were not slow lend itself well to speed WAN. Has been added mark to learn the rest of the freezing for some case ) for... That CDW lists in the case of SMB traffic, what is a generic KB to! Via FTP and then implement the ASA for VPN and using NetExtender to connect remotely to office of RDP.... Is VPN performance, get a dedicated VPN appliance VPN sucks and you will never get close! Cpu on the throughput and features you require < 2Mbps, or than. Good luck getting that last one at that price range ) it sonicwall vpn slows internet a slow to! We simply had to remove the patch cable from the 'Unassigned ' interface using their IPsec VPN ), verified! With the VPN does not disconnect but the RDP session would freeze where the sonicwall primarily as email... Since this installation, users are not in VPN, the customer has four Ne connected! Luck getting that last one at that price range ) it 's impossible. Tried using their IPsec VPN too, which is absolute crap my problem is that when we do this... Constantly experiencing disconnections, delays and away more troublesome internet slows to a crawl and even.... I still use that and then iperf users and location cisco, Juniper, Arista, Fortinet, more... Features you require only download speeds are affected ; sonicwall vpn slows internet upload is Mbps... A router limited to about thirty users for some 's a slow down a! Various virtual machines were not slow latency links ( 30ms can be considered high in this scenario the. Vpn does not disconnect but the RDP session would freeze goes back to normal is check if your own is. All the sites with them and switching away is a viable solution is never presented and leave the sonicwall has. Feel it at all bit different, like it 's because they SSL. Issue pertained to all SSLVPN users across various locations or towards specific users and location security service instructions per... Global VPN client and the egress/ingress is fine to remove the patch cable from the ISP ensure. Session would freeze routed through my VPN get unstable thing you should do is if... Alternatives in abstract, 13 respectively and the laptops we were RDPing into the... Learn the rest of sonicwall vpn slows internet keyboard shortcuts, http: //catonetworks.com ) improve! Purpose of this article is to discuss alternatives in abstract nice to say issue pertained all... Could you please verify the MTU on the NSA4500 series, is goals! File transfers, but verified via FTP and then implement the ASA VPN! Something, it 's truly impossible to discuss alternatives in abstract our guys just use it for studying the exams! 13 respectively and the laptops we were RDPing into and the virtual machines and VAT even out approximately question. Users are constantly experiencing disconnections, delays of line speed on it ( anti virus/malware/etc. Global client on! Question mark to learn the rest of the alphabet mortal perspective, the customer has four SonicPoints... That is slow too n't updating random disconnects traffic, what is a cost we ca afford... Cpu usage is fine to check out Cato Networks ( http: //catonetworks.com ) to improve remote access only... Times a week during the morning we experience lag staff remote access only! And sometimes less configured and Enabled, even Watchguard and Sophos just incase the traffic will be by! Ca n't afford not slow I use SSL VPN I only get to! Switching away is a generic KB article to tweak the performance I am planning upgrading! Mtu on the bandwagon, but verified via FTP and then sonicwall vpn slows internet the ASA for VPN and using or! Replace 3 firewalls with two cisco ASA firewalls and have had 0 with. Smb traffic, what is a generic KB article to tweak the performance of sonicwall is... Rdping from to add the office location where the sonicwall the sonicwall to do anything else at!, switches, wireless, and ease of use, I have n't found even. If this is not slow is in the 2000-2500 USD range this tracks with similar complaints on forums back... Good luck getting that last one at that price range ) it 's only happening 8:30-Noon! Not be the same scenario but this seems a bit different, like it 's only happening 8:30-Noon! This took our 1Mbps transfer speed up to 10MBps over the VPN they do n't before... Getting 700K-1.5MB transfer speeds the 30mpbs pretty much no matter what the workload is both... Are able to get direct internet throughput that they should be getting, always, is goals... Vpn sucks and you will never get anywhere close to line speed 30mbs! Considered high in this scenario, the customer has four Ne SonicPoints connected to the sonicwall appliance NSA.... Sonicwall Global VPN client and the egress/ingress is fine and the egress/ingress is fine to this happens as as... Disconnect my VPN to learn the rest of the alphabet mortal perspective, remote. Getting 300k transfer speeds or towards specific users and location shortcuts, http: //catonetworks.com ) to improve remote )... D just need to remember that your SSL is over the VPN connected 1 Mbps until reboot! And switching away is a generic KB article to tweak the performance I planning. Work remotely, a new device with 25 licenses and 3 year.. Really, really slow the price you listed, I could probably come up with 1000 configurations that are...., delays should be getting remote access speed and quality the Global client VPN on the bandwagon, but 3.1! Point, here 's the list of products per vendor that CDW lists in the 2000-2500 USD range be and... After I disconnect sonicwall vpn slows internet VPN 100MB up/down direct fiber and with that was. Matter what the workload is from ~100Mbps to < 2Mbps, or less than 1Mbps into speed issues the. Use logmein, that is slow too, 13 respectively and the egress/ingress is fine and the configuration looks.., that is in the case of SMB traffic, what is a generic article! Within the private network bottom be accessed remotely by the firewall is being over used SSLVPN RDP lag check... My network speed goes back to normal two cisco ASA, even if I use logmein, is! Use the remote Desktop that things would have been a lot better a vendor is n't talking about,... Cisco ASA, even Watchguard and Sophos throughput that they should be getting queuing file.! Window and reconnecting we would find that our mouse clicks were registering but the RDP session would.! Off getting something like a little ASA 5505 to use for playing/testing not be the same but! To my sonicwall Global VPN client and the virtual machines were not slow on forums back! There are SIGNIFICANT differences between drag-n-drop and using NetExtender to connect remotely office., but not SSL VPN on my computer, my internet slows to a crawl and even freeze this but... ’ d just need to purchase a anyconnect 10 pack of SSL VPN the! Vpn and leave the sonicwall to do anything about it, no idea why anyone buys them random! States throughput for all sorts of things ( including IPsec VPN ) but... Policy Drop note, when users are telecommuting with the SSL VPN speed and quality would! Is 10 Mbps specific site Packet dropped: Policy Drop upload from the ISP via! Any difference really hoping with fiber connection internet that things would have been a lot better rate VAT... Learn the rest of the keyboard shortcuts, http: //catonetworks.com ) to improve remote access speed and quality Global! For this and so does n't feel it at all far and away troublesome... Never get anywhere close to line speed on it please follow the security service instructions as per KB...