This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Civil3D 2023 and Global Protect

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Civil3D 2023 and Global Protect

EDraper
L0 Member

‎01-06-2023 09:10 AM

Greetings Programs,

 

We have a client that is an engineering firm. They have a few remote engineers and we are starting to see issues with Civil3D 2023(AutoCAD).

Majority of these end users have Windows 11 OS with Global Protect installed on it to VPN into the office to access a network shared drive. When the end users open Civil3D 2023 (AutoCAD) the base program loads on their machine and then it pulls some pre-set configuration file down from the network share drive. This process is taking anywhere from 15-20 minutes over the VPN. When the end users are in the office this process takes about 3-5 minutes. While troubleshooting, we are not seeing any resource spike on the laptops; CPU, memory, hard drive, and network resources in task manager are running at near idle. 

 

According to Autodesk, Civil3D is designed to work in a windows based network. A use of a VPN is consider to be a 3rd party network.

 

The main purpose of posting this is to see if anyone is experience similar issue with Global Protect running on windows 10/11 when opening resource heavy programs hat have to reach out across the VPN?

 

Pan-OS version 10.2.2

GP version: 5.2.12

 

Any suggestions would be great. Thanks! 

0 Likes Likes
1 REPLY 1

Metgatz
L4 Transporter

‎01-08-2023 04:46 PM - edited ‎01-08-2023 04:53 PM

Hello @EDraper 

 

I have a similar situation with anothers heavy apps.

 

I recommended ot change de MTU value for Global Protect and test. Change first to 1300 and then to 1100 and test the performance and the correct operation. This is por avoid the fragmentation of packets.

 

https://docs.paloaltonetworks.com/globalprotect/5-2/globalprotect-app-new-features/new-features-rele...

 

And the another options, is use an check DSRI option in the security policies with match for your App. This es for not inspect the response flow, S2C and improve the performance with the connections. The finnaly but only for test and you need to review performance vs security, is not use secure profiles in the policy to match with exactly traffic for this app an test. The review the improve and take a decision security vs operation.

 

DSRI:

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClV9CAK

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClpfCAC

 

 

Cheers

High Sticker
0 Likes Likes
  • 1239 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks