- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Slow FortiClient VPN
Hello,
we are migrating from cisco AnyConnect VPN to FortiClient VPN. we are using FortiClient 7.2.5 and FortiGate 7.2.7 . we are seeing a significant difference in file transfer rate when the end user is trying to download a big file from a shared drive. I am pretty sure its not the internet circuit issue because I ran the test while I was working remotely. I have a 1Gb up/down and the download rate is similar to what our end-users are reporting. any help is greatly appreciated.
- Labels:
-
FortiClient
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try the other way around, actually - disable split DNS, and let your internal DNS server handle all DNS for the client. (This assumes the internal DNS is willing and capable of resolving any public DNS records) https://mobdro.bio/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
its already setup to use our internal DNS. split DNS already disabled
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Make sure dtls is enable in ssl vpn setting on fortigate and also on forticlient.
Please click on below link and reference document.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
enabled dtls in both the Fortigate and FortiClient but still the same max transfer rate is between 1MB/s - 3MB/s
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
For testing can you try to disable all UTM profile in ssl vpn policy and make sure you are using flow based.
Check speed after that.
If still you are getting same speed you need to setup iperf server on local environment and you need to check speed.
https://community.fortinet.com/t5/Customer-Service/Technical-Tip-How-to-increase-the-SSL-VPN-tunnel-...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
is this what you mean by disabling UTM? we already set our vpn policies for no-inspection.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Zero
Create a VIP object and send the file over the Internet to check the speed difference when sent over the Internet vs SSLVPN.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Virtual-IP-VIP-port-forwarding-configurati...
Try to use latest version of Forticlient to rule out the Forticlient issue or try IPSec VPN rather than SSLVPN.
Regards,
Rahul Kaushik
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @Zero
Make sure, there isn't any VPN applications are installed, or running on test machine other than FortiClient .
Thanks,
Ronak Patel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
do you mean uninstall Cisco AnyConnect?.. its been off during testing FortiClient VPN.