Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".


SSLVPN / Net Extender on


Our NSA2650 was experiencing CPU issues and tech support advised that we need to upgrade to the latest version to continue getting support. We rely heavily on our VPN both IPSEC and client and the previous versions all had known issues attached to them. Currently, our global client VPN speeds are good, but we prefer the SSLVPN because of its built in MFA support. We have an open support ticket already, but I thought I would post it here. We run SSLVPN in tunnel all mode and have noticed a degradation in speeds since upgrading firmware to the latest versions. The speeds have never been great maybe 20x10 on a 1gig connection, but now they are 2x2 across the board. Has anyone experienced this?

Category: Mid Range Firewalls


  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    SSLVPN performance has never been great but what you describe is particularly poor. How many users do you have?

    You can do MFA with Global VPN but AFAIK it can only be RADIUS-based which limits your options.

  • Options

    I've been told by sonicwall that we have a lot of users, but this problem can be replicated on Sunday night when we have no one working. In contrast, we can get incredible speeds (70x70) out of the GCVPN when we are at full load during our busiest part of the day. I think its related to the new firmware but Sonicwall support says its expected behavior and won't get escalated.

  • Options
    ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    Hash tag boundless! If you can demonstrate the issue with just a single user connected then that's a pretty poor response from support, IMO.

  • Options
    TKWITSTKWITS Community Legend ✭✭✭✭✭

    SSLVPN performance unfortunately has regularly degraded over the years. Make sure youre running at least version 8.266 of NetExtender.

    It's surprising because they went from their own underlying stack to the 'open' WireGuard stack, which many other companies use and don't have the performance problems with it.

Sign In or Register to comment.