Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Civil3D 2023 and Global Protect

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Civil3D 2023 and Global Protect

L0 Member

Greetings Programs,

 

We have a client that is an engineering firm. They have a few remote engineers and we are starting to see issues with Civil3D 2023(AutoCAD).

Majority of these end users have Windows 11 OS with Global Protect installed on it to VPN into the office to access a network shared drive. When the end users open Civil3D 2023 (AutoCAD) the base program loads on their machine and then it pulls some pre-set configuration file down from the network share drive. This process is taking anywhere from 15-20 minutes over the VPN. When the end users are in the office this process takes about 3-5 minutes. While troubleshooting, we are not seeing any resource spike on the laptops; CPU, memory, hard drive, and network resources in task manager are running at near idle. 

 

According to Autodesk, Civil3D is designed to work in a windows based network. A use of a VPN is consider to be a 3rd party network.

 

The main purpose of posting this is to see if anyone is experience similar issue with Global Protect running on windows 10/11 when opening resource heavy programs hat have to reach out across the VPN?

 

Pan-OS version 10.2.2

GP version: 5.2.12

 

Any suggestions would be great. Thanks! 

1 REPLY 1

L4 Transporter

Hello @EDraper 

 

I have a similar situation with anothers heavy apps.

 

I recommended ot change de MTU value for Global Protect and test. Change first to 1300 and then to 1100 and test the performance and the correct operation. This is por avoid the fragmentation of packets.

 

https://docs.paloaltonetworks.com/globalprotect/5-2/globalprotect-app-new-features/new-features-rele...

 

And the another options, is use an check DSRI option in the security policies with match for your App. This es for not inspect the response flow, S2C and improve the performance with the connections. The finnaly but only for test and you need to review performance vs security, is not use secure profiles in the policy to match with exactly traffic for this app an test. The review the improve and take a decision security vs operation.

 

DSRI:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV9CAK

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClpfCAC

 

 

Cheers

High Sticker
  • 1183 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!