Is it normal for Internet Speed drastically decrease when using VPN-Remote Desktop?

So I’m not a tech guy but I will try to explain as clear as possible my internet issue:

Due to pandemic got to work from home and Company requires me to work through RDP. I’m asked to connect to the Company’s VPN and then to start the Remote Desktop Connection. I do this using my 40 Mbps home internet from a laptop connected via Wi-Fi.

The thing is that I have done several Speed Tests and get normal internet speeds up to 40 Mbps using Wi-Fi, but when connected to VPN/Remote Desktop the speed goes down to 2 Mbps or less.

I’m curious about if this is a normal/expected behavior because on one hand the Company’s Help Desk says I should contact ISP for they are apparently throattling my internet speed; nevetherless when talking to ISP they say it normal for the internet speed to decrease when connected to VPN.

I would like to have a better comprehension and be able to determine whether the Company’s Help Desk or ISP or none is in the wrong/lying here.

Thanks in Advance.

without knowing the speed and sophistication of your IT setup and how it connects to the outside, world it’s impossible to say for sure, but understand of course that you are connecting to your company’s VPN and THEN OUT to the internet you know.

If they have 10 users at a time sharing a couple of ancient T-1’s, your bandwidth is going to be capped by the total bandwidth of those T-1’s and subject to sharing overhead.

Alternatively, they could be on fiber but have your bandwidth throttled down to what is needed to perform you job duties and downloading 4K HD video is not on the list - hence the 2Mbps cap. This is the more likely scenario. Their IT admin can set band limits on and all users by login and group.

Just to be clear: you are connecting to your company’s VPN server? If so, that is where your problem lies. My guess is the company server is not up to the load (can’t handle the bandwidth). It may work fine for employees to check their email, message each other or access computers with command line prompts, but Remote Desktop uses a lot of bandwidth by comparison (analogous to a video feed). If you have a bunch of employees all RDing through a small vpn server it will choke.
Incidentally, encryption/decryption is not compute intensive: once you have your secret key, it amounts to XORing bits, which is something computers do very quickly indeed.
Also, if you’re using the company VPN and your IT department tells you contact your VPN provider, it may be time to flag your IT folks to someone higher up…
If you’re not using your company VPN the choke point is still probably at your company’s firewall (which is where internet traffic goes into and out of the companies own network). But there is a much bigger problem in the the VPN provider can see all your company’s business.

Your VPN may be routing all your outbound traffic non company related through your company’s internet connection (ie, on VPN your company becomes the default gateway).

My company’s VPN allows for using them as a default gateway (helps with some internal resources) or not. Check your VPN settings. You probably don’t want the company seeing all your internet browsing while on their VPN…

If you have a weak pc, the encryption from both the VPN and RDP could be tough with the processor. I’d still check to see if you’re getting throttled

It really shouldn’t go from 40Mbps to 2 though. Or rather, unless your pc is really bad it shouldn’t anyways. Even a rasp pi 4 could handle encryption at your regular speeds and its cpu isn’t powerful lol. Have you tried the vpn speedtest through a different device? If it’s the same 2Mbps roughly then it’s likely either the vpn service has its own issues or your ISP is throttling it.

Does your company need all traffic to go through the VPN? That would likely put a strain on their bandwidth as well. I think it would be better, if they really need it just to better secure their RDP connections, that they set up split tunneling. So only traffic destined to the remote desktop goes over the VPN and the rest goes over your ISP.

Using wireguard cuts my internet speed by 6% so 40 Mbps without VPN is 37 Mbps with VPN.

40 to 2 is not normal

in my experience yes, but it depends on how far away your vpn providers server is as well. If you connect to a device thousands of miles away or multiple devices there will be network latency that comes into play. Where as with just your isp you are going through their infrastructure, which is in your town to the major backbone connection to the service you are connecting to.

remote desktop is never fast, its all software render, no hardware acceleration

VPN remote desktop like logmein hamachi or any other VPN will give faster speed. Speed will never decrease when using a VPN.

Incidentally, encryption/decryption is not compute intensive: once you have your secret key, it amounts to XORing bits, which is something computers do very quickly indeed.

Is this the case nowadays? I’m out-dated but a long time ago, bandwidth through some Sonicwall firewalls was significantly slower when doing VPN. I’m just making up the numbers due to poor memory but it went from something like 80Mbps to 20. i.e. a dramatic slowdown.

The Public Key Encryption part is compute intensive because it involves multiplication/division of large numbers. However, this is only done to communicate a shared secret key. Once both parties have the secret key, communication is just a question of OR-ing the data with the secret key. It’s a logical/binary operation, so is native to all binary systems.

BTW I’m not *100%* sure about this because a) I don’t believe in certainty but more importantly b) because I’m outdated, too and memory sometimes fails :slight_smile: Look up PKI for details.