Ken, My company has 9 remote branches where we have established VPNs between Cisco Pix firewalls to the server farm in a co-location center. All of the users work exclusively from Citrix without issue. I would suggest looking at the Cisco pix 501s are the remote sites and a 515 for your farm. Cole. -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of David Teague Sent: Monday, March 14, 2005 10:55 To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Can Internet-based WAN links be reliable? Ken, My Company has over 200 users that connect via citrix into our ASP. We do not use VPN. On our side we have two multi-plexed T1's to provide bandwidth, it is actually over kill, we are usually right around the 300kbs in usage. We have customers who connect via dial up, home dsl/cable business dsl/cable and of course full T1's and more, very rarely do any of them complain about speed issues, and when they do it is usually something in between us causing the trouble, but that happens very very rarely. David Teague Support Analyst TMTsoftware 919-493-4700 -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of kenw@xxxxxxxx Sent: Sunday, March 13, 2005 1:41 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Can Internet-based WAN links be reliable? I'm looking for anyone who has found a way to get good reliable Citrix performance over the public Internet. Or is that an oxymonon? I have several clients using Internet-based connectivity for Citrix support of small remote offices. And I've just about run out of patience with erratic performance. Some sites seem to perform pretty well, some poorly, and the service is quite variable. Clients complain of jerkiness, slowness, and hung or dropped sessions. I've been using Citrix for 10 years. I've tuned the TCP stacks, set up keepalives, run packet traces, and so on. I've tried monitoring load, ping times and packet loss with MRTG. About the only thing I've ever found that really works is private networks -- but those are bloody expensive. High ping times are a rough predicter of performance problems, especially when combined with packet loss, or when due to very long haul or satellite connections. My endpoints are rarely overloaded, so there's not much I can do there. There are expensive products that claim to optimize intersite performance, but so far as I can see, those are all intended to optimise bandwidth on congested llinks. They really don't seem to offer much for unreliable connections with plenty of spare endpoint bandwidth, or for high-latency satellite links. But I can't claim to have tested them much. All of these offices are using DSL or Cable modems with static IPs and IPsec VPNs between Netopia (R910 or equivalent) NAT routers. In some cases, we also provide connections from remote individual PCs, using PPTP, to those same routers. None of these sites are currently using "bare" ICA sessions through open ports on the routers. I don't believe these issues are related to the use of VPN connections, but I can't swear to it. So I'm looking for success stories. What really works? /kenw Ken Wallewein K&M Systems Integration Phone (403)274-7848 Fax (403)275-4535 kenw@xxxxxxxx www.kmsi.net ******************************************************** This Weeks Sponsor: RTO Software TScale TScale provides a cost-effective way to improve performance, capacity and stability for thin-client servers like Citrix MetaFrame or Microsoft Terminal Services running Windows NT, 2000 or 2003. http://www.rtosoft.com/enter.asp?id)6 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor: RTO Software TScale TScale provides a cost-effective way to improve performance, capacity and stability for thin-client servers like Citrix MetaFrame or Microsoft Terminal Services running Windows NT, 2000 or 2003. http://www.rtosoft.com/enter.asp?id)6 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor: RTO Software TScale TScale provides a cost-effective way to improve performance, capacity and stability for thin-client servers like Citrix MetaFrame or Microsoft Terminal Services running Windows NT, 2000 or 2003. http://www.rtosoft.com/enter.asp?id)6 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm ThinWiki community - Excellent SBC Search Capabilities! http://www.thinwiki.com *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm