wfhNinja
New Contributor
4 years ago

COX + AWS VPN Client terrible packet loss

I WFH and my company is switching from a Cisco VPN Client to AWS VPN Client. My internet is amazing (230D/10U) when I am not on a VPN and works pretty good when connected to Cisco VPN. However, whenever I connect to AWS VPN Client I have intermittent terrible connection times; small image/js assets (<1mb) for a webpage or email will take a minute to reach my client.

In working closely with my network engineers, it appears the issue is between Cox and AWS. How does the issue get resolved? I won't be able to do my job when we make the switch.

  • wfhNinja
    New Contributor

    Update: I have been using my cell phone as a hotspot, then connecting to AWS VPN to get work done. I haven't seen any issues...

    • Superbigwaff
      Contributor

      Network traffic would take a different route using the hotspot network than using the Cox network, which is why you haven't seen any issues using your hotspot.

      • Superbigwaff
        Contributor

        Your company VPN software has a target VPN gateway address (perhaps several). This is the hostname or IP address the VPN software will connect to; it should be publicly accessible. Have you attempted a tracert to the VPN gateway host when off the VPN?

  • JakeSpeed1966
    New Contributor II

    PingPlotter is a free (limited feature) or pay (full feature) tool that might help as well since it can log or graph ping time activity. I use the free version to do what you did from a command prompt, but it has much more data, including packet loss calculation.

    I'm not sure Google is the best target for tracert... I would target what I use the most and is the most impactful if it is unavailable.

    A Cisco VPN can be configured for split tunneling, meaning that corporate traffic destined for corporate hosted resources goes through the VPN but Internet traffic does not. I bet that is how you were working before. I would ask your IT group if split tunneling is configured or can be enabled for you. This will allow you to bypass the VPN when not getting corporate data.

    Bonus information...

    Many companies are looking to embrace cloud hosted solutions (Amazon being a major cloud solution provider). Googling AWS VPN solution diagrams only resulted in cloud hosted content and not on prem content. If your company has a hybrid model your VPN data path is from your location to AWS and then from AWS to your corporate on prem content.

    Link to a simple diagram on how I bet your company is configured... Access to an on-premises network - AWS Client VPN (amazon.com)

    AWS VPN client split tunnel doc as well... Split-tunnel on AWS Client VPN endpoints - AWS Client VPN (amazon.com)

    Good Luck
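
Added example, not part of any post in this thread: a simplified longest-prefix-match model of the full-tunnel and split-tunnel routing tables discussed above, showing which destinations leave through the VPN and which go straight out the ISP. All prefixes, the gateway address `203.0.113.10` and the interface labels are constructed assumptions, not values from the thread or from any AWS or Cisco configuration.

```python
import ipaddress

# Constructed, simplified routing tables (assumed values).
# Both modes keep a host route to the VPN gateway via the ISP, because the
# encrypted tunnel itself always has to cross the ISP path to reach it.
FULL_TUNNEL = [
    ("0.0.0.0/0", "vpn"),          # default route pushed by the VPN client
    ("192.168.1.0/24", "lan"),     # home LAN
    ("203.0.113.10/32", "isp"),    # VPN gateway (hypothetical address)
]
SPLIT_TUNNEL = [
    ("0.0.0.0/0", "isp"),          # default route stays on the ISP
    ("192.168.1.0/24", "lan"),
    ("203.0.113.10/32", "isp"),
    ("10.0.0.0/8", "vpn"),         # corporate prefixes only (assumed)
    ("172.16.0.0/12", "vpn"),
]

def egress(routes, dest):
    """Return the interface selected by longest-prefix match."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    if best is None:
        raise LookupError(f"no route to {dest}")
    return best[1]

def compare(dests):
    """Map each destination to (full-tunnel egress, split-tunnel egress)."""
    return {d: (egress(FULL_TUNNEL, d), egress(SPLIT_TUNNEL, d)) for d in dests}

if __name__ == "__main__":
    sample = ["10.1.2.3", "93.184.216.34", "203.0.113.10", "192.168.1.20"]
    for dest, (full, split) in compare(sample).items():
        print(f"{dest:15} full={full:4} split={split}")
```

In this model only the public Internet destination changes path between the two modes; corporate traffic still depends on the ISP-to-gateway route in both, and in split-tunnel mode Internet traffic no longer passes through any inspection the company applies on the VPN side.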