Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
MZBZ
Staff
Staff

Created on ‎08-20-2024 09:30 AM Edited on ‎12-15-2024 01:29 PM By Moderator

Article Id 334854

Technical Tip: VPN connection stability and quality over Cellular 5G/4G/LTE services

Description

This article describes what to expect in terms of VPN connection quality and stability over mobile phone 5G/4G/LTE services.

Scope

FortiClient FortiSASE VPN, FortiGate SSL IPsec.
Solution

While modern cellular radio communications offer impressive speeds and low latency, their performance can be more susceptible to environmental factors compared to wired, fiber, or bridge-radio connections, impacting signal quality and network reliability.

 

While cellular 5G/4G/LTE technology offers remarkable speeds and ultra-low latency, it is essential to recognize that its performance and stability are more vulnerable to environmental factors than traditional wired connections.These factors can influence signal quality and, over time, may lead to fluctuations in network reliability. Key environmental factors include:

 

  1. Interference: This occurs when other wireless signals or electromagnetic sources overlap with 5G radio waves, creating noise that disrupts communication. Common sources of interference include other wireless devices, microwave ovens, and nearby cellular towers operating on similar frequencies. This interference can degrade signal clarity, leading to reduced data speeds or temporary loss of connection.

  2. Refraction: As 5G radio waves pass through different mediums, such as air, water vapor, or even glass, they can bend, altering their original path. This phenomenon, known as refraction, can weaken the signal or cause it to take an unintended route, reducing overall signal strength and potentially impacting the reliability of the connection.

  3. Reflection: Radio waves can reflect off surfaces like buildings, mountains, or vehicles, causing them to bounce in multiple directions. When these reflected waves converge at the receiver, they can arrive at slightly different times, a phenomenon known as multipath interference. This can lead to signal distortion, which may manifest as jitter, data packet loss, or reduced throughput.

  4. Scattering: When 5G signals encounter small objects, such as raindrops, foliage, or irregularities in the atmosphere, they can scatter in various directions. Scattering causes the signal to spread out and lose intensity, which can further diminish the quality of the connection, especially in densely populated urban areas or during adverse weather conditions.

These challenges are inherent to all radio wave communications, from basic AM/FM radio broadcasts to sophisticated satellite links. Although 5G technology has made significant advancements in providing very high bandwidth with minimal latency—using advanced modulation techniques like Massive MIMO and beamforming to enhance signal resilience—the technology still faces limitations imposed by the nature of radio waves.

When assessing the quality and stability of a 5G connection, it is crucial to understand that the signal strength or the number of bars displayed on a device is not the only factor that matters. While signal strength is a visible indicator, there are several other critical parameters to consider:

  1. Signal-to-Noise Ratio (SNR): SNR measures the ratio of the desired signal to background noise. A higher SNR indicates a clearer signal with less interference, which is vital for maintaining high-quality digital transmission. Low SNR can result in more errors during data transmission, leading to retries, increased latency, and reduced overall throughput.

  2. Signal Quality Index (SQI): SQI is an assessment of the overall quality of the received signal, factoring in both the strength and the presence of interference or noise. A higher SQI indicates a more reliable and consistent connection, which is especially important for transmitting digital IP packets.

  3. Bit Error Rate (BER): BER measures the number of bits received incorrectly compared to the total number of bits sent. A lower BER indicates better transmission quality, as fewer errors occur during data transfer. High BER can degrade the performance of real-time applications and cause instability in VPN connections.

  4. Latency and Jitter: Latency refers to the time delay between the sending and receiving of data packets, while jitter refers to the variation in packet arrival times. While latency and throughput (or capacity) are theoretically independent of each other, both are crucial for different aspects of network performance. A connection could theoretically have extremely high capacity but also suffer from significant latency, which could be problematic for real-time applications that require quick data exchange.

  5. Channel Capacity and Bandwidth: The capacity of the radio channel, which is determined by its bandwidth and the modulation techniques used, directly affects the maximum throughput that can be achieved. This capacity can fluctuate due to environmental factors and network congestion, impacting the ability to maintain high-speed data transfers.

Given these factors, it is not possible to guarantee a stable VPN connection over prolonged periods when relying solely on 5G cellular networks. For applications that demand consistent, reliable connectivity—such as real-time data processing, remote work, or cloud-based applications. It is strongly recommended to opt for wired or optical broadband connections. These connections are typically more stable, less prone to environmental disruptions, and better suited for maintaining the low jitter, high throughput, and stable signal quality required for uninterrupted VPN service.

 

TMOBILE 5g service.png

 

Tmobile Service quality.png

 

A list of helpful tools for network quality checks:

  1. WinMTR (graphical Tracert+Ping for MS Windows): https://sourceforge.net/projects/winmtr/
  2. Cloudflare's speed test service: https://speed.cloudflare.com/
  3. Ookla's speed test service: https://www.speedtest.net/
  4. Netflix's speed test service: https://www.fast.com/
  5. Hurricane Electric BGP Toolkit: https://bgp.he.net/
  6. Level3 Lumen's Looking Glass: https://lookingglass.level3.net/
  7. Ookla's speed test CLI tool: https://www.speedtest.net/apps/cli
  8. iPerf (tool for network performance measurement and tuning): https://iperf.fr/ (How tos: Setting up iperf server and client - Fortinet Community).
  9. How to use iPerf with FortiGate: Fortigate built-in iperf tool helps a lot in netwo... - Fortinet Community
  10. FortiSASE Network Tools: https://speed.fortisase.com/
  11. Path MTU Discovery: https://datatracker.ietf.org/doc/html/rfc1191
  12. MtuPath.exe, maximum network path size scan utility: https://www.iea-software.com/products/mtupath/

 

Related articles:

These articles will help with increasing average connect time of SSL VPN in different environments:
712
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.