UniFi L2TP VPN - Setup & Config

Windows 11 BUG - VERY SLOW Internet Speed while VPN is Connected

  • Ran into this issue recently after a user called me on their work from home day using their newly setup laptop complaining of unusable internet speed while their VPN was connected.
    • 8af02edff2d46abcb336e0472b1b394b.png
  • After doing a bit of research it seems like this is a recent but also a slightly recurring Windows 11 bug
  • Individual Device Fix: services.msc -> Routing and remote access -> change “start type” to Automatic (Delayed start) and click “Start” while in the user’s account SOURCE
  • Group Policy Fix(I ended up pushing this policy to all laptop devices without any issues): - Enable Routing and Remote Access to start automatically through System Services:
    • bf4f58f1d925c2f4ae218c6b4e8bf293.png
  • Possible other solution: Delete MiniWAN driver for L2TP VPN in device manager: - https://old.reddit.com/r/Windows11/comments/patot6/vpn_and_slow_speeds/hepti4t/

How to Setup UniFi VPN on UDM Pro

  • https://lazyadmin.nl/network/unifi-vpn/

Disable VPN Credentials For Network Resources

By default L2TP/IPSEC VPNs will try to use the VPN credentials for network resources like network shares. If you are not using Radius authentication with AD, you will need to disable this in the user’s VPN config file so the user’s login AD credentials get used instead of the VPN credentials.

  • https://serverfault.com/questions/322235/do-not-use-vpn-credentials-to-connect-to-network-resources
  1. Open Windows Run and open the following folder: %userprofile%\AppData\Roaming\Microsoft\Network\Connections\PBK
  2. Edit rasphone.pbk and change UseRasCredentials=1 to UseRasCredentials=0
    • If you do not do this, Windows will keep using the VPN credentials to connect to any network shares the user has mounted and will lock out the user’s AD account.
    • b4ed500d124f69d6226d557514d31110.png

Last updated on July 17, 2024. For any questions/feedback, email me at blog@zinchuk.xyz.