Poor HTTP performance since servers were moved behind a firewall

Unanswered Question
Mar 7th, 2008
User Badges:

Hi,


I have a performance issue were i have two appliances that used to sit on a server vlan infront of a firewall they were then moved to DMZ behind the firewall and now HTTP performance is really slow from the client VLAN but ok from the server VLAN. I have checked the firewall rules and can ping fine.


Has anyone any ideas.


Thanks


Kev

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jojuarez Sat, 03/08/2008 - 20:15
User Badges:

Hi,


Try to connect the server directly to DMZ interface (and when I say direcly I mean no other device between the firewall and the server, no hubs, no switches, no nothing). If the issue continues, look for errors on the interface using the "sh interface" command.


http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s3_72.html#wp1283345


You may also try to remove http inspection and change mss value to 1300, for instance.

kevinhobson2000 Sun, 03/09/2008 - 11:20
User Badges:

Hi,


I figured out waht this was it was a static route on the firewall that was pointing to the wrong next hop.


Cheers


Kev

Actions

This Discussion