06-06-2012 07:09 AM - edited 03-11-2019 04:16 PM
We have a configuration where we go through a firewall (ASA 5510) to a router, which decides if it is internet traffic or another network used for colleges etc in Canada called SRNet. If it is internet traffic it then goes through another ASA 5510 to the internet.
When we tested we were not seeing the speed of our internet (about 1/10th). We tested by putting the laptop before the internet firewall and we get the throughput. We also threw the test laptop before the router and we got the throughput expected. But when the test laptop is before the internal (first) firewall we get about 1/10th the speed.
We are natting on both firewalls, so from the inside we are going from a private IP to a Public IP (so it can go to SRNet is need be), then natting again to the internet IP on the second firewall.
Any ideas why the speed is so slow behind the internal firewall would be appreciated.
06-13-2012 02:40 PM
Set all the Cisco device's interface which are connected to the slow firewall to full duplex and the highest speed and ensure the same is done at the other end. Also can you please proivde a quick network diagram if possible with some made up IP address.
Can you please post a show interface on device which is slow?
Also can you check you cpu of the firewall?
Is the connection always slow or is it just at some parts of the day?
Can you please post the config of the devices connected on a text file, if you like please amend ip address to relate to the diagram.
07-09-2012 07:27 AM
We solved the issue. It was an http inspection issue I believe as I was away while they other person found the issue.
Thanks
Duane
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide