Jump to content
Welcome to our new Citrix community!

Best TCP Profile (or settings) for ST SSL VPN

Rowen Gunn

Recommended Posts

What would be your recommendations for the best TCP profile to use for SSL VPN?


In CTX232321 Citrix has some recommendations for changing the default TCP profile however this KBA is many years old. With lots of testing I've found inflating the TCP buffer directly equals a higher transfer speed on our SSL VPN.


Does anyone have any best settings, recommendations, or tricks to improve VPN overall speed and reduce latency?



Link to comment
Share on other sites

I would not change any TCP profiles, if I don't really know much about TCP/IP (an I mean much, compared to Stephen Fall's TCP illustrated). Instead I would use one of the existing TCP profiles.


Their names end with lfp, lnp, wan, lan, interactive stream, xxx_thin_stream.

l means long, so it means, the connection has latency.

f means fat: the connection has no or hardly bandwidth problems

n means narrow, so there are bandwidth problems.

p means pipe. The connection.


lfp means long fat pipe, so some problems with latency, no problems with bandwidth. The same profiles exist for more interactive applications, so applications that won't transfer plenty of data, instead demand immediate response.


There is one thing you could change: The TCP flavour. There are 3 default ones (BIC, CUBIC and Westwood) and a custom one, Nile. BIC and CUBUC perform well on wired connection, Westwood does a good job on wireless, and Nile is somewhere in between.


I hope, that helps.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...