ATP200 with slow RDP accesses

Pedro_Costa
Pedro_Costa Posts: 3
First Comment Friend Collector
edited April 2021 in Security
Hello, I have an ATP200 installed in the office, and at the moment I have about 30 people working for RDP access in autocad. For them to be able to connect without breaks and slowness, I am obliged to disconnect the security policies of ATP. Can someone help me what may be happening?

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,206  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @Pedro_Costa 

    We’re not clear about your question. Do you mean that you like to disable the security policy to speed up your RDP connection? Can you explain more detail?

    Thanks.



    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • Hi Zyxel_Jeff, I have the 30 people connected by ssl to the office, but due to complaints of slowness to work with autocad by RDP, I realized that only by turning off the security policy does it resolve. Because I don't want to have to turn off the security policy, I ask for your help. What can I do to overcome this situation?
  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,206  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hi @Pedro_Costa

    You can enable BWM to prioritize your RDP service.

    You can refer to this link:

    https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=012273&lang=EN

    Thanks.



    Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L

  • Mario
    Mario Posts: 106  Ally Member
    Zyxel Certified Network Engineer Level 1 - Security First Comment Friend Collector Fifth Anniversary
    @Pedro_Costa Take care, RDP Uses Port 3389 TCP and UDP. The default port settings from Zyxel are TCP Only. This can have an big impact on performance, if RDP only works over TCP.

  • Pedro_Costa
    Pedro_Costa Posts: 3
    First Comment Friend Collector
    edited February 2021
    Hi @Zyxel_Jeff and @Mario . I had already tested the Zyxel Jeff solution and it had not worked, I have now tested creating UDP port 3389 and joining services by group, but it did not work. The solution I found was to replace SSL connections with L2TP over IPSec. I don't know if it will have something to do with the difference in speed limitation between the different connections. But it got as fast as it did when security policies were off. Thanks so much for your help.
  • Mario
    Mario Posts: 106  Ally Member
    Zyxel Certified Network Engineer Level 1 - Security First Comment Friend Collector Fifth Anniversary
    Ok, this is sadly a know limitation. Secuextender is TCP based and an fast RDP Session needs UDP. In the end the UPD traffic is tunneld over TCP and this kills your performance.
    The only working way is to use IPSec or L2TP, as you already did.

Security Highlight