slow VPN - Win7 x64 - Cisco AnyConnect - NOD32 Antivirus

Discussion in 'ESET NOD32 Antivirus' started by DTU, Oct 21, 2009.

Thread Status:
Not open for further replies.
  1. DTU

    DTU Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    3
    problem: extremely slow VPN (comparable to 2400baud connection for those who are old enough to remember :argh: )

    specs: Windows 7 business x64, Cisco Anyconnect 2.4.0202 x64, NOD32 Antivirus 4.0.468.0 x64

    (problem is partly discussed in: https://www.wilderssecurity.com/showthread.php?t=238448&highlight=slow cisco)

    FW is disabled, ping is around 500ms. when i DISABLE nod32, still 500ms o_O . when I UNINSTALL nod32, ping back to 2ms, latency problem solved gone, and VPN working like a charm.

    I tried various different settings in nod32 setup, but can't find the one solving the problem :blink: o_O :blink:
    TIA for any help!
    /Michael/BOFH/dev/null
     
  2. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    I had the exact same problem as you describe in addition to several other slowdowns using nod32 and SSL in general.

    Try to disable SSL scanning which solved the problem for me and others. Check out the link below since it's not very obvious how to disable the ssl scanning completely:
    https://www.wilderssecurity.com/showpost.php?p=1360776

    This and other SSL issues been reported to Eset a long time ago so they should be aware of the problem. It's been almost a year with no fix so i would suggest that you disable ssl scanning which seems to be the the only solution.
     
  3. DTU

    DTU Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    3
    tnx, but unfortunately this does not help.
    I disabled "web access protection" completely and still not ok. And, as already stated above, "disable real-time file system protection" does not help. just an complete uninstall solves the latency problem.
    I also tried adding c:\windows\system32\mstsc.exe to the "exclusions" section in setup. no change.
    I'm at a loss....:'( :doubt: o_O

    shouldn't ESET techsupport be able to come up with a usefull solution on this forum? ;)
     
  4. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Did you follow the exact steps as described and that didn't help? Which means disable ssl scanning by changing both settings? Disable the realtime scanning won't help, make exclusions for the ssl scanner won't help either.....i tried that as well and still the same problem. What solved the problem for me is to make the changes as described in my post and disable the realtime/web protection did not solve the problem for me either.

    If you didn't follow the exact steps as described i would suggest you try it out and not assume that stopping one of the modules will have the same effect. If you already did the steps exactly as i described and that didn't help then i guess you have to wait for Eset, but the issues with the ssl scanning been there since the release of nod32 v4 and still not fixed so don't expect a quick fix.

    btw: I seems to have almost the exact same setup as you. Using Windows 7 x64 Enterprise and Cisco AnyConnect 2.4.0202. I'm still using Nod32 4.0.437 tho since i had problem with the latest release 4.0.467/4.0.468.
     
  5. DTU

    DTU Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    3
    IT WORKED! Reading is difficult for most people, and I'm apparently no exception to that rule :p

    this time I literally followed the 3 steps described in your post. clicking on "OK" between the steps. I did NOT have to restart NOD32, NOT have to restart CiscoVPN UI. Only thing I HAD to do, is to disconnect and re-connect the VPN connection (without this, still a lag). Connection went from >500ms to 2ms in 6 mouse clicks (and a couple of hundred keyboard strokes on this forum :cool: ).

    many thanks go out to GAN for his continued and patient reading and commenting!

    [edit] I just received a mail from eurosecure support (eset denmark representative), with the following link:
    http://kb.eset.com/esetkb/index?page=content&id=SOLN2132
    [/edit]
     
    Last edited: Oct 22, 2009
  6. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Nice and glad it's working for you as well :)

    I'm pretty sure the link sent by Eset will not fix this problem since the problem with slow VPN exists even if you uncheck the VPN client (which is unchekced by default as well) or if you make exceptions. The problem is that the SSL scanning when enabled cause problems even if you make make exceptions to make sure the ssl traffic from the VPN is not scanned. The only solution i found is to completely disable the ssl scanning as described.

    In addition to this problem i found that outlook anywhere with a second mailbox is extremely slow when ssl scanning is enabled (even if that traffic is excluded). Also general slowness with the ssl scanning feature enabled as well as some websites not working as expected. So with all these issues i find the ssl scanning feature to be pretty useless and better to make sure it's disabled.
     
    Last edited: Oct 22, 2009
  7. goran_larsson

    goran_larsson Registered Member

    Joined:
    Jan 25, 2008
    Posts:
    51
    Location:
    Stockholm, Sweden
    We reported this problem to ESET support with SSL and cisco anyconnect more than 7 months ago and theres still no "fix" for this, you have to manually disable the ssl scanning in the config. It seems howerver to be more of a problem using x64 than x86 clients. but to be sure we disabled ssl scanning on all clients.

    Regards Göran
     
Thread Status:
Not open for further replies.