When connecting with Remote Access VPN clients, such as SNX and Endpoint Security clients, the client changes the registry key "
SYSTEM\\CurrentControlSet\\services\\Tcpip\\Linkage" and brings up its VNA to the top of the list of interfaces. This is done in order for TCP/IP services, such as DNS resolving, to use the VNA interface first.
In Endpoint Connect client, an additional feature was added to monitor the above registry key as long as the client is connected, if the order is changed by some network component, a callback function is called to check whether the VNA is still on top, and to change back the order in case it is not.
The same feature was integrated in recent version of the SNX client. As a results, when both clients are connected, they both monitor the binding order and change it back an forth in a loop, which causes the latency on the tunnel.