Forum Discussion

Mariappan_S_156's avatar
Mariappan_S_156
Icon for Nimbostratus rankNimbostratus
Jul 05, 2014

SSL VPN PERFORMANCE CACHING

Hi All,

 

We have 4000 s as an SSL VPN, We need information about to caching. We using SSL VPN and network tunnel mode. Remote users are connecting through broadband to connect f5 sslvpn and accessing internal web based applications.

 

There is any option to improve the SSL VPN performance and application access performance by tune-up the session caching and device caching. Since some of user’s facing slowness on internal web application access thorough F5 ssl vpn.

 

Kindly guide us.

 

Regards, Mariappan S

 

APM
application delivery
deployment
LTM
microsoft
security

1 Reply

Sort By
  • BinaryCanary_19's avatar
    BinaryCanary_19
    Historic F5 Account
    Jul 06, 2014

    First off, I should point out that whenever you chose VPN, you are usually choosing to sacrifice speed for security, or sacrifice speed for the ability to access something remotely.

     

    I am not sure how much benefit can be had from caching, but if you wanted to cache, then you will have to serve your internal applications through a load-balanced VIP, and attach caching profiles as necessary.

     

    If your users are using SSL-VPN through broadband, there are a couple of slow-downs there already -- most broadband connections use an MTU that is lower than 1500, and if you add to that the overhead of SSLVPN, then the effective MTU/MSS available to clients is reduced, so generally, the performance of applications over a VPN is almost always lower compared to accessing that application without VPN. You may experience slightly better performance if you use DTLS instead ot TLS for the SSL VPN. DTLS uses UDP, and so avoids doing TCP in TCP, where TCP's congestion control and retransmissions can introduce slowdowns.

     

    That's what I think.