Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

NetExtender SSL VPN Very High Latency

Hello everyone!

I have Arch Linux running NetExtender 10.2.850 connecting to TZ-350 using split tunnel VPN.

NetExtender has recently become unusable. The traffic latency over the VPN tunnel is 1-3K ms and sometimes as high as 5K ms but amazingly no packet loss.

I have recently updated the Sonicwall firmware as well as the Arch OS so not sure if one of them is the culprit. I don't know when this started because I don't use VPN quite so often but it's been withing the past month I believe after the updates.

tested with ISPs and the issue persists across different client side ISPs

I have reinstalled NetExtender but no dice

Traffic on LAN/WAN is normal speed, only traffic traversing the SSLVPN zone is slow

I have tried removing security services on SSLVPN Zone no change in speed

Core utilization barely @ 10% average

I have other users running Windows NetExtender to the same firewall and they are not experiencing the problem.

Any ideas/suggestions would be greatly appreciated.

Category: Entry Level Firewalls

Best Answer

    Hominis_FloridanusHominis_Floridanus Newbie ✭
    Answer ✓

    Sorry for the delay, I forgot to post back. I found the issue, it was my anti-virus. As soon as I started pushing traffic over the tunnel, the ESET service cause immense latency but the CPU usage was not affected, only the VPN traffic. Not sure what caused it but it was something in the system updates. I wish ESET would put more effort into Linux, they have a good product for Windows but their Linux features/support is not great.

    systemctl stop esets.service and the latency went back down to < 35 ms from 2-3K ms !!!

    Removed ESET and now just running CLAMAV


  • TKWITSTKWITS Community Legend ✭✭✭✭✭

    My guess is the Linux client, its been poor maintained for a long time. Try rolling back.

  • ArkwrightArkwright All-Knowing Sage ✭✭✭✭

    I use the Linux client regularly and never experience latency issues that wouldn't otherwise affect the Windows one. IE, it's not great, but tunnelling everything in TCP never is.

Sign In or Register to comment.