thecomputerguy
Well-Known Member
- Reaction score
- 1,414
I needed to get a VPN going for a client who has a USG deployed as their gateway. I got the L2TP VPN setup and working (only option in USG) however, When connected through the VPN all requests are routing through the Gateway on the VPN Server side. The result of this is normal internet activities become slower for the user while connected through the VPN and their Download/Upload drops significantly while connected through the VPN.
In the past I have disabled the "Use the default Gateway on Remote Network" the preserve speed for the user. These setups were typically a VPN Server on a Synology NAS with ports opened up at the Gateway (I know this is a big no no now).
Disabling "Use default gateway on remote network" this for the client results in better internet speeds but the client is not able to access remote resources through the VPN. It connects fine but can't ping anything on the remote network.
So moving forward I will be setting up VPN's at the Gateway level as opposed to opening ports to an internal service to provide VPN but the client using the VPN's Server as a gateway kinda sucks ... is there a way around this to preserve speeds for the client while still maintaining access to the remote network?
@YeOldeStonecat @Markverhyden
In the past I have disabled the "Use the default Gateway on Remote Network" the preserve speed for the user. These setups were typically a VPN Server on a Synology NAS with ports opened up at the Gateway (I know this is a big no no now).
Disabling "Use default gateway on remote network" this for the client results in better internet speeds but the client is not able to access remote resources through the VPN. It connects fine but can't ping anything on the remote network.
So moving forward I will be setting up VPN's at the Gateway level as opposed to opening ports to an internal service to provide VPN but the client using the VPN's Server as a gateway kinda sucks ... is there a way around this to preserve speeds for the client while still maintaining access to the remote network?
@YeOldeStonecat @Markverhyden
