Slow DNS resolution when connected to VPN on Windows
This is a problem we have experienced on Windows. I'm not sure there is something openconnect can do about it apart from documenting the solution which I'll document here. (p.s. I'm a developer not a Network expert so bear with me if my terminology is not perfect)
Problem
When connected to openconnect on Windows browsing is very slow. See the attached screenshot of the network display from Chrome when connecting to wikipedia.
Likely Cause
Our VPNs attach a DNS Server to the TAP IpAdapter used for the connection. This DNS server only resolves internal names and so public names are not resolved. Windows uses a metric to determine which connected adapter to use first. This is typically "Automatic" (all adapters are Automatic on my Windows 10 machine).
Solution (worked for everyone here)
Set the metric explicitly for the Wired and/or WiFi adapters to a low value. This can be done in 2 ways: with the Windows UI or with a Powershell script.
Instruction for Wi-Fi.
- Touch: the Windows key
- Type: powershell
- Choose: Run As Administrator
- Execute: Set-NetIPInterface -InterfaceAlias Wi-Fi -InterfaceMetric 5
If you use a wired connection the other alias is probably "Local Area Connection 1"*
To get a list of Interface Aliases you can execute: Get-NetIPInterface
- Those with automatic metrics: Get-NetIPInterface -AutomaticMetric 1
- Those without auutomatic metrics Get-NetIPInterface -AutomaticMetric 0