SQL Slow though ASA 5510

Peter Long · ‎05-14-2007

Ive put in an ASA5510, and there are web servers on the DMZ that query SQL servers behind the firewall.

TCP Port 1433 is open to the SQL Servers.

The queries are working but are very slow, for example a sql query that returns 20,000 rows runs in about 5 seconds behind the firewall, but from the DMZ it can take up to 2 minutes.

Ive tried adding norandomseq to the statics for the SQL servers.

Ive tried disabling sql inspection.

I'd appreciate any input

PeteLong

beth-martin · ‎05-18-2007

SQL*Net inspection engine?If a control connection for the SQL*Net (formerly OraServ) port exists between a pair of hosts, then only an inbound data connection is permitted through the security appliance. It may slowdown your process.

mabrowncalence · ‎10-02-2007

Any luck on getting this resolved. I am having the same problems. ASA5510 running 7.2(3) SQL query is running extremely slow.

Matt

Peter Long · ‎10-02-2007

Hi Matt

I forgot this was open :/

The problem due to a speed duplex error on the inside interface.

When the query was run the errors shown in a

show int ethernet1

output shot up, I cabled the inside interface directly to the SQL server and it ran fine, so I knew the problem had to be behind the PIX, turned out to be a 3com switch that couldnt "auto negotiate" with the PIX, I changed the inside interface to 10 Mb half duplex, and it all ran fine, it will remain this way till the client upgrades his switch.

Hope this helps you out

Pete

www.petenetlive.com