VPN connection at home slows broadband internet

[Cutehumor]

anyone know how I can get my VPN internet speed up? I have Comcast business internet at home. I used different servers because on the VPN, it said my location was in Dallas, TX

This is my speed test


4 minutes later. my speed on the vpn network

 

[Quest]

In other words: you are getting slower than normal(non-VPN, just regular internet access)network bandwidth when you VPN back to your office?

Q.

 

[Cutehumor]

yeah. my broadband internet slows way down when I'm vpn cisco program at home. btw, this is wired connection. shouldn't the speed be the same whether I'm on vpn or not?

 

[ctc]

When you're on VPN, you're accessing the internet through your company's network. That is why it is slower.

 

[Quest]

Originally Posted By: ctc
When you're on VPN, you're accessing the internet through your company's network. That is why it is slower.


bingo!

 

[heypete]

Originally Posted By: ctc
When you're on VPN, you're accessing the internet through your company's network. That is why it is slower.


That, and there's a modest overhead on both ends for all the cryptography that's being performed on the data stream.

To be honest, the speeds over VPN don't seem all that bad...

 

[javacontour]

What would be an interesting test is to see if while you are on VPN with one computer, how another performs.

In other words, have computers A and B. A is either on or off the VPN, what speeds does B experience for each state of A?

As others have pointed out, your speed on the VPN may be limited by the internet connection of your employer as your internet access is via one of their gateways, not the ISP.

 

[BearZDefect]

VPNs sound good at first, and perhaps are that good if all you want to do is enable someone to take an office computer home and work at home as if they were still inside the office network.

But if it is your own computer at home, that you use for whatever you want (including office work), then VPNs are a royal pain!

While connected to the VPN, instead of the usual liberty you have at home you are now bound to the office network rules and limitations. You've also discovered that all your network traffice now goes (through the Internet) to your office network first, then out to the real destinations on the Internet. So, if you're working all day through a VPN that you don't control, it's like your PC is locked up in a cage from a networking standpoint.

Maybe my analogy is poor.

Anyway, I much prefer to open a port on demand, and create an SSH tunnel through it that doesn't interrupt the rest of my networking. Through such a tunnel I can safely create all the connections to hosts and services within the office LAN that I need. The downside of this approach is if I actually go to the office and want to access those hosts directly, the host addresses/ports are not the same as through my tunnel mappings.

I am sure the network gurus here have better solutions than mine.

 

[Cutehumor]

I like your analogy bearzdefect. I use microsoft word all day everyday on my company provided laptop at home. saving files to our network drives takes forever, I have to save at least 28 files a day. For example, saving 28 files takes almost 1.5 hours a day. I tried going through our IT tech support folks in the past, but they told me my speed was fine. In the office, saving files on LAN was lightening fast. IT laughed and said it was 300 mb/sec in the office.

 

[Cutehumor]

Originally Posted By: javacontour
What would be an interesting test is to see if while you are on VPN with one computer, how another performs.

In other words, have computers A and B. A is either on or off the VPN, what speeds does B experience for each state of A?

As others have pointed out, your speed on the VPN may be limited by the internet connection of your employer as your internet access is via one of their gateways, not the ISP.


I'm doing a comparison. I wired my sony vaio home pc and my work computer using the ethernet ports on the back of my linksys router.

 

[Cutehumor]

Work computer on VPN


Work computer off of VPN

 

[ToyotaNSaturn]

Well, from your OP, we know who you work for.

Are you using XP for all your computing here? I'm thinking you'll need to tune your TCP/IP stack for a higher-latency connection so that files on the Windows servers will save more quickly.

This might help: http://www.speedguide.net/read_articles.php?id=157

Vista and Win7 have MUCH better TCP/IP stacks.

 

[Rand]

The speed is slower because thats the speed of your companies internet not your internet.

 

[Cutehumor]

Vista and Win7 have MUCH better TCP/IP stacks.

Oh ya, I'm not worried, I'm just a peon at my company.

Yeah, were using all XP SP3 here. Thanks for the link. I don't have administrator rights though which sucks. Last time I went to our IT hotline, I had to talk to a guy from India first and it was a nightmare. Then when I got someone else, he said my 5 mb/sec was good and I would have to get my manager to approve more broadband speed.

I maybe in a no win situation here.

 

[javacontour]

Originally Posted By: Cutehumor
Originally Posted By: javacontour
What would be an interesting test is to see if while you are on VPN with one computer, how another performs.

In other words, have computers A and B. A is either on or off the VPN, what speeds does B experience for each state of A?

As others have pointed out, your speed on the VPN may be limited by the internet connection of your employer as your internet access is via one of their gateways, not the ISP.


I'm doing a comparison. I wired my sony vaio home pc and my work computer using the ethernet ports on the back of my linksys router.



A few things. You would have to take multiple samples of each computer and find an average.

Second, any difference in this computer when the other one is on the VPN compared to when it's off the VPN?

That's what I was asking. You can't really compare this computer to the other one off and on the VPN because it's a different computer, different speed, O/S, etc.

Change only one thing, the state of the other computer while measuring the speed of this one and get an average of say 10 tests for each possible state.

I.E. 10 measurements of computer B while A is on the VPN
then 10 measurements of computer B while A is off the VPN

Compare the averages of each set of data.

 

[tmorris1]

Can't you just change the default route to be yourown internet gateway instead of the VPN? Then internet traffic would flow through your broadband ISP instead of going through the company's internet via the VPN.

 

[javacontour]

Originally Posted By: tmorris1
Can't you just change the default route to be yourown internet gateway instead of the VPN? Then internet traffic would flow through your broadband ISP instead of going through the company's internet via the VPN.


Probably not. Most VPN implementations hide the local network as part of the security for the corporate network.

When I'm on the VPN, I cannot access my local network.

Not to mention, if you make your gateway the default router, you probably will not be able to access hosts in the corporate network.

So I just use two computers, and switch back and forth if I'm working from home. One computer is on the VPN, the other is not.

 

[Rand]

It depends on how you vpn.

I work from home. I log into the corp domain and remote in to servers..

thats the only vpn traffic. The rest of the traffic say.. internet speed testing is direct from my home isp to the speedtest.

It just depends on the VPN solution that was implemented.

 

[OVERKILL]

VPN implementations vary greatly by manufacturer and depending on who sets them up.

I'm a big fan of OpenVPN and subsequently, IPSec for example.

If I'm setting up a net to net VPN, only the traffic intended for the other side of the tunnel is routed through the tunnel. This is the most efficient in terms of bandwidth management and doesn't cause the issues the OP is experiencing.... Which are NORMAL for a VPN that changes the default route to occur THROUGH the VPN.

I use the same method when I setup a host-to-net VPN. Why? Because nobody likes to browse the web through a router saturated by 30 virtual clients over a 6Mbit connection.

Depending on the routing options pushed by the VPN client software or through the VPN router (depending on the configuration) determines how "exposed" the private network is to the network the user is on. This is much more controllable with client SOFTWARE vs a net-to-net routing solution, which is why this is the preferred setup for employees at home.

I have extensive experience in VPN design and implementation and manage a large number of them running on everything from Windows Server to Linux and BSD hosts, to Cisco routers.

 

[Rand]

Yes that is what I was going at.. but was too lazy to type it.