Question : SUPER SLOW Internet Explorer performance while connected VPN to Windows RRAS Server

This is a fun one! I have had a paid open support case with Microsoft Support on this issue for the past two months and have received no real answers or solutions to fix this problem. The case is still open but does not seem to be going anywhere, so I turn to the internet community for some real help!

My problem is that internet browsing with Internet Explorer SIGNIFICANTLY SLOWS and HANGS when a Windows XP SP2 VPN connection is established to our office RRAS server (Windows server 2003 or 2000). The slow down and hanging disappears once the VPN connection is disconnected.

You may ask, how much of a slow down are we talking about? In gathering logs for Microsoft Support, I performed a test where I brought up the same 4 web sites one after another and waited for the entire page to load and for the status at the bottom of internet explorer to read Done. Browsing to these 4 websites with VPN disconnected took approx 40 seconds to load all 4 sites. Now, with my VPN connection established, the same 4 websites took right at 5 minutes to load completely.

I can assure that the problem that I am experining is not bandwidth related. The remote location connection is a 4MB down 400KB up cable connection. The connection at the office is a dedicated T1 line. Neither of these are used to full capacity. However, another test that I performed also verifies that the problem is not lack of bandwidth. It also proves that my problem is not related to the extra bandwidth overhead that establishing a VPN connection creates on the client and RRAS server machines.

This test involved using the FireFox browser. Using FireFox, web pages loaded at the same pace, unlike ie, both connected or disconnected to VPN. In fact, (while connected to VPN) I have had Internet Explorer and Firefox opened side by side on the screen and will type in the same web site address on both browsers and hit Go at the same time. Firefox will load the page in a few seconds while Internet Explorer will sit there for up to several minutes trying to render the page and graphics. I have reported this to MS Support and all they tell me is that it is because IE waits for a response for every request it sends before it loads the next piece of the site whereas Firefox does not require this response. They also have said, and I quote, In Firefox, it will open 14 ports to download data which does not follow the RFC for HTTP 1.0 and HTTP 1.1 In IE we default to the RFC specification. For HTTP 1.1 it is 2 connections, for HTTP 1.0 it is 4 connections. However, they gave me a registry hack that allows IE to open up to 15 port connections and it still did not resolve my problem.

I know that there is a checkbox setting in the VPN client connection properties called Use default gateway on remote network. Contrary to what it seems like it would do, the problem exists whether this box is checked or unchecked. This is really weird to me because if you have this box unchecked, the internet traffic does not even flow through the vpn connection to get to websites outside of the local network.

Virus scans and adware scans return nothing.

Ping response times look fine when pinging website addresses through vpn connection.

I could go on and on with details of what has been tried, however I will stop here to get feedback or answer any questions as to additional info needed.

However, a brief scenarios of our office and remote networks may be helpful.

Office environment where RRAS server resides:
Dedicated T1 internet connection connected via Cisco 2600 router. The router connects directly to a Sonicwall TZ-170 firewall that performs static NAT mapping to our local 192.168.0.0 office network. PPTP port is opened up on the Sonicwall and points to the RRAS server.

RRAS server:
P4 Xeon 1GB RAM
Windows Server 2003 Standard edition with Service Pack 1.
Hotfix 898060 Installed.

Domain Controller
P4 Xeon 1GB RAM
Windows Server 2003 Standard edition with Service Pack 1.
Handles AD Integrated DNS, DHCP for RRAS server.
Hotfix 898060 installed.

Remote Environment experiencing problem:
Cable internet 4MB download, 400KB upload. Connected to Dlink DI-624 router. Router hands our DHCP 10.0.0.x ip addresses to local Pentium 4 connected client PCs.
Using standard Microsoft Windows XP VPN client to establish VPN connection to remote office RRAS server.

Thank you,
-David

Answer : SUPER SLOW Internet Explorer performance while connected VPN to Windows RRAS Server

PAQed with points (500) refunded

DarthMod
Community Support Moderator

Random Solutions

DHCP pool issue - Internet performance

How to configure filter for webservices in jbossws.sar

Not all computers show up in Windows Explorer: Entire Network\Domain\

Symantec Ghost 7.5, Windows XP, NO FLOPPY DRIVES

EnableCertificate for SMTP

SRV records for _ldap._tcp.dc.Msdcs

Automatic login for Telnet

IP general understanding

Using a multihomed Win98SE box as a router between wired & wireless networks