SQL services not active with Mobile VPN connection

First off - if I were to rate myself from 0 to 10 where 0 is a person that can use a computer but has no IT experience and 10 is IT god like - I’d be a 3.5 - maybe even a 4 on a really good day.

I installed mobile VPN to a T-35 box to work remotely for work.
It works - I can remote through the firewall with IKEv2 and use onsite computer IP addresses to remote desktop into a computer on the network. The issue is that the software I need to run (CAD and ERP suites) is very laggy when doing this. I need to be able to run my software here and access the SQL server 1400 miles away.

I previously used OpenVPN and I was able to log into the network with only a user name as if my computer was onsite.

I would like to just log onto the network and use my computer as if it was a local client with SQL access.

How can I make this work?

Comments

  • james.carson Moderator, WatchGuard Representative

    Hi @nighttowl

    The type of connection you're using isn't generally very tolerant of latency and reduced packet sizes. The issue you're running into may be more distance based than firewall or VPN based.

    With that said, there's a few things that you can try:

    -You mentioned OpenVPN seemed to work better. The SSLVPN on the firebox is based on a customized version of OpenVPN. There's no restriction on how many VPN types you can set up on the Firebox, so try setting up the SSLVPN and install that client on your PC. This may work better for you.

    -Use a VPN with an option for a split tunnel. Both the IKEv2 and L2TP VPNs are full tunnel only (meaning that the VPN client sends ALL of your traffic across the VPN, not just traffic destined to the network on the distant end.) Using an option like the IPSec (IKEv1) or SSLVPN with a Split/Routed tunnel reduces that traffic to just what needs to go across. Your other internet bound traffic traverses normally as it did before.

    -Since latency is almost always the issue here, using the VPN client to connect to a machine you can RDP to may be a better solution, as the latency between that machine and the server will be lower. RDP is designed to stream, so it will generally give you a better experience for this type of transaction.

    -James Carson
    WatchGuard Customer Support

  • edited October 2021

    @james.carson said:
    Hi @nighttowl friday night funkin

    The type of connection you're using isn't generally very tolerant of latency and reduced packet sizes. The issue you're running into may be more distance based than firewall or VPN based.

    With that said, there's a few things that you can try:

    -You mentioned OpenVPN seemed to work better. The SSLVPN on the firebox is based on a customized version of OpenVPN. There's no restriction on how many VPN types you can set up on the Firebox, so try setting up the SSLVPN and install that client on your PC. This may work better for you.

    -Use a VPN with an option for a split tunnel. Both the IKEv2 and L2TP VPNs are full tunnel only (meaning that the VPN client sends ALL of your traffic across the VPN, not just traffic destined to the network on the distant end.) Using an option like the IPSec (IKEv1) or SSLVPN with a Split/Routed tunnel reduces that traffic to just what needs to go across. Your other internet bound traffic traverses normally as it did before.

    -Since latency is almost always the issue here, using the VPN client to connect to a machine you can RDP to may be a better solution, as the latency between that machine and the server will be lower. RDP is designed to stream, so it will generally give you a better experience for this type of transaction.

    Thank you very much for posting this, I got it working.

  • Thank you very much for posting this, I got it working.

    You were able to log through the firewall and access hosted services without RDP?
