The user working from home is getting approx RTT of 1095ms up to 2281ms; another user on the same VPN with pretty much identical settings is getting an average of 22ms (these were all done from a host on site) pinging the user with the issue from the SonicWall gets ~20ms RTT. Pinging the Client Wan IP from the same host for the earlier numbers ~50ms RTT.
The user is experiencing other high-latency symptoms. Local sites(why she needs the VPN) take an eternity to load.
She did a speed test (the chrome one) gets 219mbps down without the vpn 11mbps with but even 11 should be fine for browsing the internet and checking email. Think the latency is the big problem
I would try a pathping from her remote PC to your VPN WAN IP while disconnected from the VPN. That should provide additional insight on which hop is causing the delays.
Maybe try changing the dns servers on their router? Sounds like they have resolution issues regardless of vpn. If you’re split tunneling you’ll still have those issues. Maybe a full tunnel to see if sites load quicker? Any settings on their system that manually configured dns servers on their network adapters? Just spit balling…
I’ve seen ping times rise to over 10000ms when I connect from home. It makes the VPN unusable, though it won’t necessarily disconnect. No one else in the company has reported similar issues. We tunnel all traffic, and while ping times to an IP on the company LAN and to the public WAN IP start off the same, I’ll see the LAN ping time rise ridiculously while the WAN ping time stays low, until finally breaks.
use winMTR to determine what specific hop is causing this terrible latency. Could be an issue upstream, or maybe even an issue locally.
Try disabling Receive Segment Coalescing (RSC). Over the last month or so, I’ve had a bunch of staff complaining about VPN performance, and disabling rsc improved things for me.
https://www.sonicwall.com/support/knowledge-base/gvc-degraded-internet-throughput-from-local-isp-even-though-connected-in-split-tunnel/200423032255090/
This is an old thread from MS, but I had the same issue. There’s a bug in Windows 10. Follow this guide. I’ve had to run this fix on two computers whose VPN was basically unusable.
Already in full tunnel so is everyone else.
The internal services they hit don’t have a public resolution so since they can get their at all means they’re probably getting the internal dns correctly. And we just use the public facing ipv4 address for users to connect so there’s no name resolution happening.