Friday, March 20, 2020

IPsec problems on Spectrum in NC market

Folks,

Not sure you want this post here, but I wanted to turn to people I knew might have some insights. I'm a Sr. SysAdmin/Network Engineer for a company in the NC market predominantly. We've switched everyone to a WFH model as of EOB today. So far, it's been hell trying to get everyone to use our SonicWALL IPsec (GlobalVPN) client. In normal times, it works just fine for folks, but we've had increasing problems with it since every company has gone WFH. Bandwidth over VPN is *VERY* slow, like 0.07 Mbps slow, but reverts to normal when we take them off VPN. We're looking through the logs and we don't believe it's our firewall, like any QoS or DSCP tagging for example. In fact, we have switched some folks to SSTP/SSLVPN and that seems to work fine, but the IPsec client side seems to work very hit-or-miss. Is anyone having issues with Spectrum residential, specifically, with getting client IPsec VPN to work properly? I suspect QoS queues are flooded with IPsec traffic and that it's getting squashed at the headend, but I don't really know the ISP side of the puzzle very well--hence asking you all.

Any insights would be extremely helpful. TIA, colleagues.

EDIT: VPN policy is split-tunnel, so only office routes go through VPN. Using modern encryption ciphers. We have 1Gbps uplink at the office, which is 20-30% saturated at any moment. No throttling rules applied on inbound IPsec traffic.


