Support Center > Search Results > SecureKnowledge Details
Latency with remote access client when using simultaneously both Endpoint Connect and SNX Technical Level
Symptoms
  • When connecting with Endpoint Connect and SNX (e.g., to two different gateways) at the same time, latency can be noticed on both VPN tunnels.

  • Affected clients:
    • Endpoint Security Clients - E75.20 and above
    • Endpoint Security VPN clients - E80.40 and above
    • SNX clients - shipped with Security Gateway R75.46 and above


  • Debug from both clients (trac.log file and slimsvc.log file) shows the following entries repeatedly:

    [om] om_mngr_binding_order_event: Registry key changed
    [om] om_mngr_change_binding_order: entered.
    [om] om_mngr_change_binding_order: completed with status (-1)
Cause

When connecting with Remote Access VPN clients, such as SNX and Endpoint Security clients, the client changes the registry key "SYSTEM\\CurrentControlSet\\services\\Tcpip\\Linkage" and brings up its VNA to the top of the list of interfaces. This is done in order for TCP/IP services, such as DNS resolving, to use the VNA interface first.

In Endpoint Connect client, an additional feature was added to monitor the above registry key as long as the client is connected, if the order is changed by some network component, a callback function is called to check whether the VNA is still on top, and to change back the order in case it is not.

The same feature was integrated in recent version of the SNX client. As a results, when both clients are connected, they both monitor the binding order and change it back an forth in a loop, which causes the latency on the tunnel.


Solution
Note: To view this solution you need to Sign In .