Hi Folks,

Just wondered what sort of speeds I should expect over an SSL tunnel. I have used the SSL tunnel I have set up on my v2925 over mobile network 4g and over wifi hotspots but with the SSL Tunnel connected I only get around 3mbps up and down when with it off the wifi hotspots have offered around 8 mbps and the 4g over 20 mbps. My home connection is 55mbps down and 16mbps up. Is there anything I can do to improve speeds?

Cheers

Bradley

As an experiment, you could try using the phone's inbuilt VPN client instead (L2TP/IPsec/PSK). (Not too arduous to set up on Android ... don't know about others).

I've just got back from a road trip around New England, and was using my VPN connection back to base, a lot more than usual. Normally, I only use it over slow 3G (on an old Samsung S3), so don't really notice the overhead imposed by the VPN. However, because I was now using it over Wifi, it was really obvious that the SSL VPN imposed a huge performance hit. In a few locations, I did comparisons of SSL vs L2TP/IPsec and noted huge differences. I don't know if this is indicative of an intrinsic short-coming in SSL, or a Draytek SmartVPN client problem.

When performance wasn't an issue, I stuck with SSL because it connects far more easily than the inbuilt L2TP client on my phone and some locations appeared to have blocked all but 'web' traffic anyway. When speed was of the essence - such as trying to watch Coronation Street in Connecticut, I resorted to L2TP/IPsec...

I have already tested l2tp ipsec on my laptop and did notice better performance. However there is a known bug affecting android 5 and 6 which means l2tp ipsec doesn't connect, I believe it is some issue with sha support. The bug was still present in 7 but I understand android have now fixed it and it is slowly being made available by different manufacturers. My phone cannot be upgraded beyond version 6 at least via the manufacturer updates so l2tp ipsec is not an option for my phone which is when I will use vpn most.

In my area lte coverage and performance is poor and this results in frequent ssl tunnel disconnects, presumably due to latency issues.

Does anyone know of a workaround for this issue?

Just an update, I have spent some time looking at the issue with Android 6.

It seems with some manufacturers there is a workaround: In advanced options you can select "backwards compatible" which stops android using its broken sha2 and forces sha1.

L2TP IPsec now works fine on my phone.

Is there any significant improvement in speed?

Yes, just as there was on the laptop. I would say 3x the bandwidth and also completely stable over lte when SSL disconnected often.