cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1742
Views
0
Helpful
3
Replies

SQL Slow though ASA 5510

Peter Long
Level 1
Level 1

Ive put in an ASA5510, and there are web servers on the DMZ that query SQL servers behind the firewall.

TCP Port 1433 is open to the SQL Servers.

The queries are working but are very slow, for example a sql query that returns 20,000 rows runs in about 5 seconds behind the firewall, but from the DMZ it can take up to 2 minutes.

Ive tried adding norandomseq to the statics for the SQL servers.

Ive tried disabling sql inspection.

I'd appreciate any input

PeteLong

3 Replies 3

beth-martin
Level 5
Level 5

SQL*Net inspection engine?If a control connection for the SQL*Net (formerly OraServ) port exists between a pair of hosts, then only an inbound data connection is permitted through the security appliance. It may slowdown your process.

mabrowncalence
Level 1
Level 1

Any luck on getting this resolved. I am having the same problems. ASA5510 running 7.2(3) SQL query is running extremely slow.

Matt

Hi Matt

I forgot this was open :/

The problem due to a speed duplex error on the inside interface.

When the query was run the errors shown in a

show int ethernet1

output shot up, I cabled the inside interface directly to the SQL server and it ran fine, so I knew the problem had to be behind the PIX, turned out to be a 3com switch that couldnt "auto negotiate" with the PIX, I changed the inside interface to 10 Mb half duplex, and it all ran fine, it will remain this way till the client upgrades his switch.

Hope this helps you out

Pete

www.petenetlive.com

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: