| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 107936 | 2010-03-08 06:06:00 | Cisco VPN causing PC to run very slow | somebody (208) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 864887 | 2010-03-08 06:06:00 | I have recently begun using Cisco's VPN client software to connect to a customer site, and have found two major problems with it which I am yet to solve: 1) It disconnects me from my LAN (i.e. I can't access my email, shared network drives, other services/content on our corporate network); presumably for security reasons 2) It causes my PC to grind to a halt, where simple things like bringing a window back into the foreground takes 30+ seconds; trying to start up the Remote Desktop Connection utility takes about a minute. PC is running Windows XP Pro, is up to date and patched, and is managed by a 3rd party (although I do have local admin rights). I have read that it is possible to "fix" the first problem by tweaking the routing tables, and deleting the route which Cisco overwrites to force LAN traffic through the VPN. I have tried this and it does not appear to work. If anyone has any suggestions, they would be greatly appreciated. |
somebody (208) | ||
| 864888 | 2010-03-08 19:13:00 | Cisco VPN is effectively a tunnel onto another network. It will disconnect you from your local Lan services, email/file shares etc. Its like unplugging your cable off your network and plugging it into the remote network, or am I missing something here? The speed issue is probably link related, what connection to the net are you running and are you running a firewall?. Are you sure the remote site is not experiencing performance issues? |
Battleneter2 (9361) | ||
| 864889 | 2010-03-08 20:29:00 | 1) It disconnects me from my LAN (i.e. I can't access my email, shared network drives, other services/content on our corporate network); presumably for security reasonsThis is almost certainly a routing issue - it'll be trying to route your local connections via the VPN tunnel, and as your LAN is not at the other end, it fails to find whatever it's looking for and can't reconnect. 2) It causes my PC to grind to a halt, where simple things like bringing a window back into the foreground takes 30+ seconds; trying to start up the Remote Desktop Connection utility takes about a minute.I don't know about this one, but my hunch is it's related to the first issue (and exasperated by a crappy threading model in explorer). Try sorting out your LAN connections first, and make sure you have valid routes to reach your dns servers and domain controllers - see if that sorts it. I have read that it is possible to "fix" the first problem by tweaking the routing tables, and deleting the route which Cisco overwrites to force LAN traffic through the VPN. I have tried this and it does not appear to work.It will work fine, but you'll need to do more than just delete the 'catch-all' route that the Cisco software has added. You'll also need to put your old default route back, and add one or more additional routes that describe the stuff you need access to on the other end of the VPN. Does the Cisco software have any settings that will let you tell it *not* to take over from the existing default route? Most VPN software does. |
Erayd (23) | ||
| 864890 | 2010-03-09 04:55:00 | Thanks guys. I have been a bit too busy today to experiment with these suggestions, but at least have a temporary workaround (which I can't reveal here) in the meantime. |
somebody (208) | ||
| 864891 | 2010-03-09 05:16:00 | I have recently begun using Cisco's VPN client software to connect to a customer site, and have found two major problems with it which I am yet to solve: 1) It disconnects me from my LAN (i . e . I can't access my email, shared network drives, other services/content on our corporate network); presumably for security reasons Click on "modify" for the relevant connection . . . there is a check box which says "allow local LAN access" . Check this box . . . you should be able to access your local LAN and not get disconnected from your email etc . I use this all the time on my company VPN connection . . . Cheers, |
chiefnz (545) | ||
| 864892 | 2010-03-09 05:48:00 | Click on "modify" for the relevant connection . . . there is a check box which says "allow local LAN access" . Check this box . . . you should be able to access your local LAN and not get disconnected from your email etc . I use this all the time on my company VPN connection . . . Cheers, Ticking that box appears to make no difference - I guess it's being overridden by a server side config entry? |
somebody (208) | ||
| 864893 | 2010-03-09 07:14:00 | Ticking that box appears to make no difference - I guess it's being overridden by a server side config entry? Hmmm true, well I suppose not an unreasonable option to ensure the tunnel is locked down appropriately. Cheers, |
chiefnz (545) | ||
| 1 | |||||