Showing results for 
Search instead for 
Did you mean: 

Can a Cisco 2851 support a 50mb WAN connection with Firewall/NAT? If not what do I need?

This connection is for a building with ~40-50 users browsing at any given time.

We have a new 50/10MB Comcast Deluxe connection we are trying to set up in our environment. We have a single static IP and the Comcast provided SMC-3DG router/modem has been set to "bridge mode" by Comcast. This is then plugged into one of the interfaces and that interface has the static IP defined on it with a default route to the Comcast provided gateway IP. I wired the 2851 into our layer 3 switch, set up some static routes on the 2851 back to our existing subnets and everything traffic-wise is flowing between our existing subnets and this new router.

Since the default route on our layer 3 switch is defaulted to our older 2811 router (that I'm intending on replacing with this 2851), I set up a static route on our layer 3 switch to guide all traffic for and out to the 2851 router. Doing speed tests show 12 MB down, .5 MB up. Connecting a laptop directly to the Comcast SMC modem and setting it's IP to the static IP shows full speeds again, so the issue has to be with our configuration/equipment.

So to my question. Can a Cisco 2851 support this 50mb Comcast connection and do I just have it configured wrong? Or do I need a different router altogether? Please help guys, I have been hammering away at this for a couple weeks now. At first I tried the 2811 but that had slow speeds, so I figured the 2851 with twice the throughput would do a better job but for some reason it is not currently. I have played with duplex settings (100, full, half, auto) and nothing changed. I updated the 2851 to the latest 12.4 firmware and also no change.

Thanks in advance Cisco community for any help you can provide!


Accepted Solutions
Edison Ortiz
Hall of Fame Mentor

Let's eliminate the switch but you will need a xover cable to connect the laptop directly to the router.

View solution in original post

Edison Ortiz
Hall of Fame Mentor

The 2811 should do better than 12MB/5MB

According to:

it is rated at 60Mbps.

When you use the router, where are you connecting the laptop?

Also, did you try disabling the FW in the router and see if the connection improves?

Did you check the CPU? Also any errors reported on the interfaces?

It's actually 12mb/0.5 (less than 1 up). When I tested this on my 2811 it was 5 up/5 down.

When I use the router, I'm testing through my workstation which is connected to a layer 3 switch (Dell Powerconnect 6224) which is connected to the 2851. Should I do a test plugging directly into the router using the laptop?

The 2851 was recently reset to factory defaults and has almost nothing configured on it beyond basic routing and NAT. No stateful inspection or anything else like that set up on it yet. Would any of the newer advsecurity firmware versions like 15.0 or 15.1 handle a faster connection like this? Or is 12.4's latest sufficient?

Edison Ortiz
Hall of Fame Mentor

Let's eliminate the switch but you will need a xover cable to connect the laptop directly to the router.

Hi Daniel,

I would recommend to connect the laptop direct to the router.

check the WAN interface bitrate of the router when you run the utilization test in order to confirm that the traffic utilization is the same to the interface and You can use the load-interval 30 command under the WAN interface in order to increase the accurasy of these measurments.

Second, check that the ip cef is enabled to the router. This is required in order to achieve such a high  value of throughput.

Finally, check the CPU utilization of the router when you run the tests.

You can run the next command to the router.

show proc cpu

show proc cpu history

And check the CPU utilization value. If this value is too high, you can provide us the output in order to see which process consumes the resources of the router and further investigate the problem.

Finally, you should take into consideration that the packet size can severe affect the throughput of the router.

Hope that helps!


Okay I used a cross-over cable and connected the laptop directly to the router and gave it an IP on that interface.

I did a test from the laptop and I see full speeds through the router. I guess that indicates the Dell Powerconnect 6224 is the issue somehow. I know it isn't a Cisco device, but do you know of some things I can check on this layer 3 switch that would affect speed?

Okay I did some more testing and this is very strange. I plugged directly into the Dell Powerconnect 6224 and did some speed tests out to the Comcast modem - I saw 1 MB down, 0.3 MB up. I switched to the DSL and did another test directly connected - same speeds! What the heck?

I went back to my workstation (which is connected to the wall, back to the patch back, via cables to another switch, that ultimately plugs into this core switch) and I am still seeing 10 MB on the DSL (full DSL speeds).

What in the world could be causing this switch to slow down any connection, especially a direct connection, by so much?

Edison Ortiz
Hall of Fame Mentor

It could be a lot of factors:

1) local node ISP congestion

2) server where you are performing the test against

3) Your laptop

4) internet backbone (very unlikely)

As you noticed, the router you have should meet your needs.

I don't believe it is the ISP, server, laptop, or internet backbone seeing as the speed tests from my workstation show full speeds. It's just when it is plugged directly into this switch that it is being throttled. For some reason direct connections severely throttle it.

Got it! Played around with the switch a little and got full speeds! THANKS GUYS FOR THE HELP TESTING DIFFERENT SEGMENTS!!!