Can I do RDP compression over IP/VPN tunnel by PfSense?



  • Hello My Friends,

    I'm newbie in Pfsense. We have branch network, which is interconnected by IP/VPN connect. The branches are using MS Windows terminal server with RDP. The links are so expensive and the existing links are slow. I want compress RDP (Windows RDP protocol) Can I do with this by Pfsnese. I am using 2.0-RELEASE (i386) built on Tue Sep 13 17:28:43 EDT 2011. . If this is possible with pfsense, please give the steps.

    Thanking You….. :) :) :)

    Vidu



  • the RDP compression can be set on client, it's hard to compress it on firewall.

    Few suggestions to improve RDP quality:

    • Enable compression

    • reduce color depth

    • reduce desktop size

    • on server side, disable many features that remote users do not need(sound, desktop themes, etc…)



  • You can't compress RDP at the network level with anything, it's encrypted (XP/2003 and newer at least) and encrypted traffic by definition is not compressible. Doing what marcelloc noted will go a long way.



  • Hi,

    What is recommended way of Open Source WAN acceleration method? Please share your experience with me regarding WAN Accelerator….  ::) ::) ::)

    Vidu



  • first step
    linux based and yes i know that linux and pfsense doesn't mix up very well



  • @marcelloc:

    the RDP compression can be set on client, it's hard to compress it on firewall.

    Few suggestions to improve RDP quality:

    • Enable compression

    • reduce color depth

    • reduce desktop size

    • on server side, disable many features that remote users do not need(sound, desktop themes, etc…)

    Just to add, another feature that helps is:
    Persistent Bitmap Caching

    This will reduce the load on redraws of small parts of the screen since only the changes are transmitted rather than the entire screen's data.



  • Open source WAN acceleration doesn't exist in a stable, production-grade format, at least nothing comparable to what commercial (and pricey) WAN accelerators do. Though RDP isn't one of the benefits of having WAN acceleration, their primary benefit is with protocols like SMB that are by their design terrible over higher latency, and the magic WAN accelerators put in the middle works around the poor protocol design. Traffic Squeezer can do compression on compressible traffic, but RDP is not compressible. Compressing non-compressible traffic, like anything encrypted, actually makes it bigger. The best any WAN accelerator could do with RDP is muck with TCP window settings and related things that combat the usual issues with long fat pipes where it's hard to reach the capacity of the line without doing so. Nothing they do would help with RDP on slow connections. Changing RDP settings as people have suggested here is your best and really only option regardless of what devices you have on the network.


Locked