RDP "painfully slow" using OpenVPN

So I installed a GL-AR300M as my router for a 100mbps up / 35 mbps down internet connection. Speedtest shows that’s about what I’m getting.

I then setup a VPN server on the unit to provide a way for employees to connect to the network from home and Remote Desktop to their computers, avoiding exposing their machines to the outside world.

The speed is very poor compared to a direct connection via an exposed port (the person using it called it painfully slow on VPN); I have found a couple posts indicating these units max out around 8mbps via VPN. I’m pretty sure my setup isn’t even doing that, as I can watch it paint the screen one row at a time (four or five rows).

Are there any OpenVPN tweaks I can make that might help, and is 8mbps a realistic assessment of VPN throughput?

Thanks for any guidance.
Brian

Do you use OVPN via UDP or TCP?

What kind of settings did you set within the RDP connection? There are multiple tweaks for it.

Exposing the RDP port without VPN is no way to go in any case - it’s highly dangerous.

You could try to do an speedtest over OVPN like iperf3
See this tutorial:

1 Like

As the owner of several AR300m routers, it is an older and slower router, especially with OpenVPN. I see 5 to 15 Mb/sec depending on the client connection. Using OpenVPN.

Wireguard is better than twice as fast as OpenVPN on this router.

4 Likes

I’m using UDP for the VPN connection. RDP parameters are whatever the defaults are. I’ll try the speed test, just to get a more exact number, but if 8mbps is typical, and there is other activity over the non-VPN side of the connection, then it may be the throughput is just not high enough.

Thanks, I’ll look at wireguard as well. But in the end, I think the conclusion is I chose a poor candidate for the application. For my own purposes, these little things are spectacular, but for a small office with a fair amount of internet activity, I am probably just asking a bit much for the $$$.

So I’m going to try this: GL.iNet GL-AX1800(Flint).

I’m guessing I can save the configuration from my existing unit and load it on this? I realize I won’t see the rated capacity, but I figure having 25mbps capacity would allow for four users accessing typical spreadsheets and documents and remote desktop.

1 Like

I wouldn’t do a backup from one device and upload it onto a completely different one. That will possibly mess up a lot.

You can however open up screens in the WEB-UI and duplicate any setting from one device onto the other one.

2 Likes

Indeed. You should not do that.

Sorry, let me clarify, I wasn’t referring to the entire router’s configuration, I was referring to copying the “.ovpn” configuration file (the certificate and session settings), since all the client stations are already setup to work with that certificate.

That should be fine, yes. :slight_smile:

You should tweak the RDP connections anyway, since they are “normally” not for WAN usage. There are plenty of options within the RDP configuration file (which you should use instead of just using mstsc) and there are Group Policy Objects as well.

1 Like

Go for the Flint 2. It’ll allow more room for growth/expansion.

… see the difference in the WireGuard speed.

1 Like