ATP200 with slow RDP accesses

Options
Pedro_Costa
Pedro_Costa Posts: 3
Friend Collector First Comment
edited April 2021 in Security
Hello, I have an ATP200 installed in the office, and at the moment I have about 30 people working for RDP access in autocad. For them to be able to connect without breaks and slowness, I am obliged to disconnect the security policies of ATP. Can someone help me what may be happening?

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,073  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Pedro_Costa 

    We’re not clear about your question. Do you mean that you like to disable the security policy to speed up your RDP connection? Can you explain more detail?

    Thanks.


  • Pedro_Costa
    Options
    Hi Zyxel_Jeff, I have the 30 people connected by ssl to the office, but due to complaints of slowness to work with autocad by RDP, I realized that only by turning off the security policy does it resolve. Because I don't want to have to turn off the security policy, I ask for your help. What can I do to overcome this situation?
  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,073  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    Hi @Pedro_Costa

    You can enable BWM to prioritize your RDP service.

    You can refer to this link:

    https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=012273&lang=EN

    Thanks.


  • Mario
    Mario Posts: 104  Ally Member
    First Anniversary 10 Comments Friend Collector Zyxel Certified Network Engineer Level 1 - Security
    Options
    @Pedro_Costa Take care, RDP Uses Port 3389 TCP and UDP. The default port settings from Zyxel are TCP Only. This can have an big impact on performance, if RDP only works over TCP.

  • Pedro_Costa
    Pedro_Costa Posts: 3
    Friend Collector First Comment
    edited February 2021
    Options
    Hi @Zyxel_Jeff and @Mario . I had already tested the Zyxel Jeff solution and it had not worked, I have now tested creating UDP port 3389 and joining services by group, but it did not work. The solution I found was to replace SSL connections with L2TP over IPSec. I don't know if it will have something to do with the difference in speed limitation between the different connections. But it got as fast as it did when security policies were off. Thanks so much for your help.
  • Mario
    Mario Posts: 104  Ally Member
    First Anniversary 10 Comments Friend Collector Zyxel Certified Network Engineer Level 1 - Security
    Options
    Ok, this is sadly a know limitation. Secuextender is TCP based and an fast RDP Session needs UDP. In the end the UPD traffic is tunneld over TCP and this kills your performance.
    The only working way is to use IPSec or L2TP, as you already did.

Security Highlight