I need some help!
I work in IT and have 20 or so users using remote citrix desktops to work on another companies internal network. The basic procedure is as follows just so you know what type of connection we are using:
1. User creates a secure VPN session via a web browser using RSA SecurID.
2. User authenticates to remote network via Citrix.
3. User opens a remote citrix desktop window on his/her machine.
Now we are finding that the connection is very unstable. The user can be happily working away and then the connection will drop and then automatically reconnect itself and take the user back to point when the connection dropped. Sometimes the connection will drop continuosly every 4 or 5 seconds. Our Cisco PIX 515 Firewall/Router has been checked and all is clear. Is there anything else I can check?? I have changes a few PC's to use an MTU 1000 setting on their interface to force that connection speed but hasn't made much difference.
Have you tried testing/checking the link between the two networks? Maybe you are having dropouts on the network. You you maintain the link, or is it a third party? If it is a third party, log a fault call with them, and get them to check the link. If you guys maintain it, try doing some packet captures when the system is "failing" and see what you can find.
There are plenty of people around here who can help/advise on packet captures etc.
Hope that helps, if not, give us some more information and we can see what we can do.
The link between the two networks is simply our ADSL 2MB connection via our ISP. Our users are sitting on our network using our internet connection. They open a web browser and enter the URL that takes them to a web page that establishes the secure connection to the remote network.
The link between the two is, I assume just basic web traffic as there is no dedicated line between us and the remote network.
As of this very minute our connection speed is around 700kbits/sec
so I don't think we would be exceeding our bandwidth. Could it be our switches or Accelar hardware??
Difficult to be prescriptive here but I wonder if it could be due to the vaguaries of the internet. You're going over the public internet so although your two companies might well be in the same city your traffic could be going to the other end of the country and back again with various opportunities for congestion along the way. Also there is the question of both your and the other company's ADSL connections and their associated ISP. Many possibilities here; they might have added a new heavy user that is sharing your contention space for example. Also remember that ADSL is asymmetric so your total end-to-end badwidth will be that of the slowest upload speed of the two ADSL links regardless of what download capacity you have. Is there any pattern to the problem? Does it get worse or usually occur at particular times or days?
Also you seem to be saying that the problem has arisen recently which I take to mean that this used to work okay in the past. If that's the case, has anything been changed on either of the two comapnies networks that might be generating more traffic for example?
Like the Bishop says, the internet is a big cloud, and your connections could go half way round the world before it gets to the other office.
I agree that is sounds like something on your network has changed. Have you added some new users, or a new process that is taking up more system resources?
The bishop might be able to enlighten us more. But, have you thought about using a VPN? that might solve your issues, although without knowing what has "happened" between the two companies, that would just be an educated guess.
Firstly thank you both for your prompt replies. In regards to when this issue started, it started at inception. Apologies for the confusion but this issue has been with us since the beginning. Both companies use the same provider but I am unsure as to what their connection is. I do know however that our connection to our ISP is an 8:1 contended dedicated 2MB Fibre Link. There is definately no pattern at all to this issue it is completely random. I have had our PIX515 Firewall software upgraded to v6.??(I know it's v6 but not sure 6.??)
I have also had the router looked at and cleaned up. My ISP although rather vague say there are no issues they can see at their end of the router.
The solution that I have proposed is to set up 2 dedicated PC's from the other company to be set up in our office linked directly back to their network via an ISDN link. This will give them dedicated bandwidth and should resolve the issue. The only problem is these PC's will not be on our network and therefor not our users will have to manually move files from network to network via USB stick etc...The best solution is the current one however the reliablility issues are causing project delays! Could it be some or all of our switches, or maybe our Accelar1200?? I just want to be sure I have covered as much as possible so we don't turn around after this long and find out it's something at our end. :?