Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
892
Views
0
Helpful
7
Replies

ASA 5505 Firewall Speed

Mohammed Yusuf
Level 1
Level 1

‎01-12-2016 07:54 AM - edited ‎03-12-2019 12:07 AM

Hi,

I have got a question and run out of troubleshooting ideas. I have got 60Mb Fibre broadband coming in and connected to ASA 5505 Firewall and then our switches. When I test our speed without ASA 5505 Firewall I get more than 60mb.

When I do run speed test through ASA 5505 Firewall I get 32mb. I am not sure why I am getting this speed through firewall.

I have got Site to Site VPN configured on this Firewall.

Could please someone point me in the right direction?

Thanks,

Labels:
0 Helpful
7 Replies 7

Karsten Iwen
VIP
VIP

‎01-12-2016 08:17 AM

The ASA 5505 can handle a 60 MBit/s connection.

  1. When testing with the ASA: You make sure that the VPN and/or other users don't also consume bandwidth?
  2. You have checked "the basics" like duplex-settings?
  3. Your ASA config only has interface/NAT/routing settings to make sure it's not a misconfiguration in the config?
0 Helpful

Mohammed Yusuf
Level 1
Level 1
In response to Karsten Iwen

‎01-13-2016 12:40 AM

Hi Karsten,

I have made sure that the VPN site was shut and no one was in the office but me. The interfaces are set to Auto-Duplex(Full-Duplex), Auto-Speed(100mbps)

Interface Ethernet0/1 "", is up, line protocol is up
Hardware is 88E6095, BW 100 Mbps, DLY 100 usec
Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps)
Input flow control is unsupported, output flow control is unsupported
Available but not configured via nameif

Interface Vlan1 "inside", is up, line protocol is up
Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
MAC address 4c00.8264.cc29, MTU 1500

Interface Ethernet0/0 "", is up, line protocol is up
Hardware is 88E6095, BW 100 Mbps, DLY 100 usec
Auto-Duplex(Full-duplex), Auto-Speed(100 Mbps)
Input flow control is unsupported, output flow control is unsupported
Available but not configured via nameif
MAC address 4c00.8264.cc21, MTU not set
IP address unassigned

Interface Vlan2 "outside", is up, line protocol is up
Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec
MAC address 4c00.8264.cc29, MTU 1492

0 Helpful

Mohammed Yusuf
Level 1
Level 1
In response to Mohammed Yusuf

‎01-14-2016 07:38 AM

Any idea Karsten? I have got the feeling that it could not cope with throughput when all 40 -50 users start their shift.

0 Helpful

Karsten Iwen
VIP
VIP
In response to Mohammed Yusuf

‎01-14-2016 07:52 AM

It should give you the full 60 MBit speed. No idea what's going wrong there.

  • Are you doing any strange things in your config?
  • Have you tested with a clean config? 
  • Are you running a recent software on your ASA?
0 Helpful

Mohammed Yusuf
Level 1
Level 1
In response to Karsten Iwen

‎01-15-2016 02:51 AM

I have got asa Version 9.1(3) and ASDM 7.1(4).  I have not tested it with clean config but It is very hard to do when I have got only one ASA.

0 Helpful

Karsten Iwen
VIP
VIP
In response to Mohammed Yusuf

‎01-15-2016 08:42 AM

I wouldn't expect this to be a root-cause, but upgrading to 9.1(6)10 is still a good idea.

0 Helpful

Mohammed Yusuf
Level 1
Level 1
In response to Karsten Iwen

‎02-05-2016 06:03 AM

Hi Karsten,

I have updated to the latest 9.1(6)10 and no difference but when I remove access list group only for test. I get full speed. I could not figure out which access list causing the issue. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card