01-16-2004 12:24 PM - edited 03-09-2019 06:09 AM
We installed the PIX firewall. Moved the web server to DMZ interface. Now webserver is responding slow. What may be the reason. We have pix 6.3(1) and pIX 515 Restricted.
01-16-2004 02:30 PM
In most cases slow responses are due to a lack of nameresolving. Lot of people forget that most webservers do use reverse namelookup before sending respons to the visitor. If this traffic is blocked on the dmz interface, this request times out after which the respons to the visitor is send. The visitor experiences slow respons.
But this is just a lucky shot. I would need to have more information on the setup and on your config to be more specific. But check this first if you want.
There´s also a good document on CCO on this problem which can be found at:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094459.shtml
Kind regards,
Leo
01-23-2004 07:02 AM
It could also be the amount of traffic you are trying to push through this Firewall and how many users this server is supposed to support. Do you know either of these stats?
01-29-2004 12:39 PM
How's the webserver connected? Using a cross-cable? If so check the speed/duplex settings at both sides, make sure they are set to the same settings at both sites. Setting them both to auto-negotiation should be fine.
01-29-2004 04:35 PM
What type of authentication is going on, are you accessing a domain controller on the other side of the firewall for anything?
Are you accessing a database server on the inside of the firewall?
If you configured database access through the firewall and it is microsoft, did you open all the ports? If the server uses RPC did you do the reghacks to make that work through the firewall?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide