What do I need to tell my employer's IT department about firewall settings for my Exede access?

  • 1
  • Question
  • Updated 2 years ago
  • Answered
I seem to recall, during installation, it being mentioned I would need to notify my employer if I would be using satellite internet for working from home. I have, but they are unsure if there are different settings for the sonic wall (firewall) for this scenario than for others working remotely with high speed cable internet. My IT reports when they ping my connection - they get high latency and dropped packets. Any suggestions?
Photo of Me Broome

Me Broome

  • 1 Post
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Christine Conrad

Christine Conrad, Champion

  • 263 Posts
  • 292 Reply Likes
Normal latency for Exede is around 730 milliseconds. The satellite is located above the equator about 22,500 miles away.
Photo of Diana

Diana, Viasat Employee

  • 2260 Posts
  • 429 Reply Likes
Hi Me Boome. There is latency with satellite and most VPN do not work with it. Here is a section from our website concerning VPN.

Some VPN solutions, generally those based on SSL, may work over our service, as they incur no significant performance degradation.  However, we do not recommend or support any VPN solutions.  Additionally, using a VPN connection may increase your bandwidth usage, and run the risk of violating the Data Allowance Policy

A computer configured to allow a VNC (remote desktop connections) behind a ViaSat satellite modem will function.  However, VNC modem-to-modem connections may not work if the satellite modems are not provisioned in the same carrier. 

The above information can be located on our website.
http://help.exede.net/articles/Denver_FAQ/4872
(Edited)
Photo of david

david, Champion

  • 545 Posts
  • 389 Reply Likes
I used Private Internet Access for a little while a year or two ago and I never had any problem with it not working but the speed was about cut in half on it so at least some VPNs will work.
Photo of Me Broome

Me Broome

  • 1 Post
  • 0 Reply Likes
Thank you for your comments and assistance. I've been working with Excede through my sonic wall for two weeks. It works pretty well - I knew it would be slower than the high speed access at the office. I just wondered if there were any settings my IT department could make to my sonic wall that would help with the latency and dropped packets.
Photo of Bev

Bev, Champion

  • 3083 Posts
  • 1294 Reply Likes
The main thing is they need to set a longer time out delay and, make sure thier system allows latency of up to 2000 MS. You will rarely see it that high but, under heavy congestion on you beam, it can be that bad. Some servers see connections over a set latency, usually around 300 ms. as unstable.

While we do have high latency, that's just the laws of physics and the distance satellite signals have to travel through space, it is a stable connection so, they need to be sure their server knows that.
Photo of Old Labs (VS1-329-L12FZ)

Old Labs (VS1-329-L12FZ)

  • 3923 Posts
  • 4012 Reply Likes
Direct your IT department to the following link:

http://www.bentley-walker.com/articles/101

For the reasons cited there, I've always found that VPN connections that support the L2TP protocol simply worked better since the payload is sent using UDP. Whether possible, depends on the VPN server and client support for it. That protocol itself doesn't provide confidentiality, and instead is typically couple with the IPSEC protocol. As such it's frequent labeled as simply L2TP/IPSEC since both are normally required.

I personally never had any VPN problems against a variety of VPN servers that couldn't be fixed knowing what protocols were supported and enabling them as needed in my router (or in some cases using the preferred VPN client for the specific server) - although slowness is to be expected, but it beats a lengthy commute.

P.S. There are some additional protocols that may be available and better suited - your IT department would/should be aware of them.  
(Edited)