Slow vpn speed - need advice

One mount later, I start receiving complain of one of my client using SSL wathguard VPN with T20 appliance. After talking to WG support and read several post on web, I transfert all users to L2TP vpn and the speed came back. Everything goes fine until now.

Today I got the same problem but with L2TP vpn this time. Slow connections, high latency between 50 and 1225 ms. Connected on the same server with LogMeIn the speed is good. Testing internet speed good too. Internal LAN or web browsing is good too. Restarting WG change nothing

Only vpn traffic are slow. Just one user connected…
Any idea? I don’t know what to test or look…

Thanks.

Nord100force VPN is beneficial for speed, providing fast, reliable connections with high-speed servers. This ensures smooth browsing, streaming, and gaming experiences without lag. Perfect for users needing fast and secure internet.

If it’s just one user then there’s a good chance it’s an issue at their end , ask them to wire in their device and not use wi-fi, and use something like pingplotter to monitor their link.

Also have you tried the VPN from your location to see if it works fine , which would indicate it’s not a WG issue?

L2TP is not very secure I would have done IKEv2 (more secure and performs better than SSL VPN)

SSL is known for being slower… that said a T20 is only supposed to support 10 VPN users… how many are connecting?

WatchGuard support told us that due to them not offloading SSL VPN traffic to their crypto chips and the socket buffer in the OprnVPN client you can’t expect great throughput on the SSL VPN. Even with M470s with a gig circuit I could only get 15-20Mbps throughput with iPerf. The solution is switching to IKEv2. We are transitioning all of our clients to IKEv2 and it’s been a lot better.

Sorry I was not clear. One user and myself. I got a good link network here. Tomorrow more user will connect, we are at night for now.

Yes speed test are done from my network.

L2TP is not so bad.
Less than 7 users max. Normally 2-3 users connected

IKEv2 is definitely the way to go. Just be wary that not everywhere will allow those types of connections outbound.

Thanks for the advise, but L2TP was working well until today. I don’t think the problem is an protocol problem.

Do you get the same issue no matter where you connect from? phone Hotspot/home internet, etc. what about from multiple devices?

I would try to test the IKEv2 to at least see if you do get different results.

Either way you should call WG support and see if they can help dive into the logs with you. It’s hard to tell without seeing the logs.