TL;DR version...
We currently run Anyconnect on our corp laptops, with an "always on" config in place. Our field techs have brought an issue to our attention that has us somewhat stumped.
Scenario: Field tech completes a Gig fiber install at a customer location, wants to run a speedtest for customer. Obv, we have them in a group that allows them to disconnect from the VPN to do so, in order to not be affected by our VPN throughput. Downloads speeds vary from 720 to around 780 on fast.com, ookla, testmy etc. Customer is not amused.
If we uninstall Anyconnect, those same tests using the same laptop at the same location increase to 920 to a full 1000 down on avg. Seeing similar results on Macbook. Hence, we have to give the techs a 2nd laptop w/o Anyconnect just for testing purposes.
How does the mere presence of a disconnected Anyconnect client cause this much of a drop in performance? Any MTU size changes are specific to the virtual adapter, not the wired ethernet adapter in Windows. Is there anything that can be done from an Anyconnect client config stand point to mitigate this performance hit? I'm to the point I want to recommend EXFO handheld testers, but at 5k a pop this probably wont fly. Thx for any ideas.
No comments:
Post a Comment