We're experiencing significant lag issues for our contractors in the Philippines when they connect to our company VPN located in the Bay Area, California. Two contractors have dramatically reduced internet speeds when connecting via VPN compared to when they're not connected. One contractor sees speeds drop from around 500 Mbps download and 280 Mbps upload to 1.61 Mbps download and 37.40 Mbps upload. The other contractor experiences a drop from 460 Mbps download and 280 Mbps upload to just 1.50 Mbps download and 1.60 Mbps upload. I've run a trace route and found only eight hops, but it indicates up to thirty. We've configured the firewall to allow Philippine connections. The contractors are becoming quite frustrated with the lag. What recommendations do you have to improve their VPN performance?
5 Answers
It might be worth exploring the option of a virtual desktop infrastructure (VDI) setup. This way, sensitive data could remain within the US and accessed securely without needing heavy reliance on the VPN, tackling both security and performance issues.
The results from your speed tests might not accurately reflect the experience for those across the Pacific. Try ensuring they're testing against the same server, ideally one close to your office in California, to get a clearer picture. Latency plays a huge role here, so it’s essential to compare apples to apples. Also, consider splitting out local internet traffic from the company VPN to reduce congestion.
That sounds like a solid plan! Also, if possible, you could check if your firewall settings are blocking any ICMP packets, as that could affect their ability to calculate optimal paths.
Consider testing with iPerf2 for network performance between your office and the contractors’ PCs. It's a great tool to pinpoint where the speed drops are happening. Make sure everyone's aware that memory capacity doesn’t influence network speed in this scenario!
Have you checked the possibility of DPI (Deep Packet Inspection) or throttling by the ISPs in the Philippines? Often, they prioritize local traffic over international connections, which can severely impact VPN performance. A different ISP might yield better results if that's the case.
Using split tunneling might help in this situation. This way, they can access the internet directly for non-business traffic while still securely connecting to the company resources via VPN. It’s an excellent way to handle bandwidth for regular internet usage without the lag.
Good point! I think that's a smart approach to optimize their experience.
Absolutely! Keeping private data on local servers could also alleviate some of the load on the contractors when connecting.