04-15-2011 08:53 AM - edited 03-04-2019 12:05 PM
I have a synchronous 10 Mb connection to my isp which I have conneted to a CISCO asa 5510. I have done a lot of testing and there is a very noticable difference in my upload/dowload speeds.
When I connect a laptop directly to the Cable from my ISP's equipment and have the NIC set to autosense, I get similair results for Download/Upload Speeds I have tested and get 9 plus down and 8 plus up.
When I either connect the asa directly to this cable and set to either 100/Full or autosense OR I place a non-managed switch in between the asa and the ISP's equipment My upload speed drops dramataically. The Download speed stays about the same 8 Mb Plus but my upload falls off the face of the earth drops to about a 1Mb. I have noticed this many times when I am going from a cisco 800 series router to a Cisco ASA.This is severely limiting my ability to perform replication out from my locale. Is there any work around or suggestions?
04-15-2011 08:58 AM
Is the ASA interface coming up 100/Full? Typically when I see this it's a duplex issue of sorts.
04-15-2011 09:05 AM
No I have made sure that interface is set to duplex and have seen it show full form sho int command. I have set it to Auto with the same results again.
I work in the Tri-state area and normally would see this where we would do cuts over to Light_path. My normal remedy of placing a small non managed switch between the two pieces of equipment has failed me. Undertsand that it appears to be a duplex mismatch issue but I am scrathing my head on this one
04-15-2011 09:08 AM
Using the show interface command, do you see any errors, CRCs or drops?
04-15-2011 08:34 PM
Are there any error logs on the ASA when you are uploading/downloading from the web?
I suggest that you consult these two ASA troubleshooting guides:
https://supportforums.cisco.com/docs/DOC-8982
https://supportforums.cisco.com/docs/DOC-12439#comment-6995
Please remember to rate all posts that are helpful.
04-19-2011 07:15 AM
Guys thank for you inputs,
I have tested some other things, I looked at those best practices posted by Sean and even tried the the mss-exceed allow fix that I have used on dhcp Cable modems plugged into ASA(s) and still the same results. No Http in the inspect protocols,There are no CRC error or runts Giants etc. I tried something just to confirm its a Cisco thing. I configured and setup a Sonic wall in the DMZ, plugged into same un-managed switch that my asa is plugged into and I was able to get same download and same upload speeds 6 Mbs up and 6Mbs down.
Definetly something on the Cisco side but especially an ASA issue.
I can't be the only one to have these issue with ASA
THX again
05-29-2012 09:43 PM
This thread is over a year old but I found it because I had the same problem: Download speed--close to the bandwidth promised; Upload speed--nowhere near what was promised. Here's how I solved it (thanks to sean_evershed's first ASA troubleshooting guide link):
The problem was NOT between the fiber modem and the firewall. The problem was between the firewall and the switch. Our switch was set to autonegotiate. I logged into the website interface for the switch and changed the speed on the port to 100 full duplex. This immediately tripled the speed of uploads nearly matching our download speed.
-John
05-30-2012 12:54 AM
John,
Very nice experience - thank you for sharing that with us! Indeed, these duplex mismatches can hugely impact the efficiency of TCP transfers.
Best regards,
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide