application rdp portal framerate issues
Hi,
We are looking into using the Watchguard app portal as our RDP gateway and its all working, but the framerate is very bad.
On a blank desktop you dont notice it too much, but run a webgl test like 'fishtank' and it looks like its managing 5FPS when the render speed on the device is showing 60FPS.
I've tried this via an M690 and an M4800 and both are the same.
Native Windows RDP still isnt amazing , but its at least double the framerate and doesnt lock the browser up preventing you from clicking anything.
Is there any way to tune this in Watchguard?
I've tried running 256 colours, but it doesnt help.
ps. Its not network. We have 10Gb/s and the client tested at 900Mb/s. Latency is good too and we've tried three clients on different subnets.
Client CPU is running about 10% and pleny of RAM.
thanks.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.11.6
Comments
Are you expecting your real use of RDP for this to be such a rapidly changing screen content?
The RDP default is 30 fps which can be modified via a registry change.
Frame rate is limited to 30 FPS in Windows-based remote sessions
https://learn.microsoft.com/en-us/troubleshoot/windows-server/remote/frame-rate-limited-to-30-fps
Also see:
Remote Desktop Protocol (RDP) bandwidth requirements
https://learn.microsoft.com/en-us/azure/virtual-desktop/rdp-bandwidth
For your RDP access test, are you using a packet filter?
Hi @Abertay
Generally, you will see a performance decrease when connecting to a device via RDP in the Access Portal over connecting directly to that device via RDP.
The Firebox is acting as the RDP client and is rendering, re-encoding, and streaming that via a web browser. The intent of the feature is to provide a way to securely access services that would normally require a VPN via the access portal page.
There aren't any tweaks that will get this running at 60 FPS, as that's not really what the feature is intended to do. A fast VPN (like IKEv2) combined with Microsoft's standard remote desktop client may be a better choice if you're looking for raw performance.
-James Carson
WatchGuard Customer Support
Not looking for anything crazy. 60FPS was just the comparison for the test. If it could be anywhere near 30FPS that would be great. Just want it to be smooth and lag free, which it currently isnt. I'm sure 15+FPS would be just fine.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.11.6
The default policy appears to use IPS/Geo/App filtering which i have now turned off to see if it improves things.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.11.6
Hi James, Not raw performance as such, just a smooth, lag free experience. As its re-rendering do you see a performance difference between different firebox models? We are running this on our 690's.
--
WatchGuard M4800 (x2 Cluster)
WatchGuard M690 (x2 Cluster)
Firmware : 12.11.6
@Abertay The only real difference between Firebox models related to Access Portal is the number of RDP connections they can handle. The M690 can probably handle 20-25ish connections, depending on resolution and color depth.
-James Carson
WatchGuard Customer Support