cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
316
Views
0
Helpful
2
Replies

Poor HTTP performance since servers were moved behind a firewall

kevinhobson2000
Level 1
Level 1

Hi,

I have a performance issue were i have two appliances that used to sit on a server vlan infront of a firewall they were then moved to DMZ behind the firewall and now HTTP performance is really slow from the client VLAN but ok from the server VLAN. I have checked the firewall rules and can ping fine.

Has anyone any ideas.

Thanks

Kev

2 Replies 2

jojuarez
Level 1
Level 1

Hi,

Try to connect the server directly to DMZ interface (and when I say direcly I mean no other device between the firewall and the server, no hubs, no switches, no nothing). If the issue continues, look for errors on the interface using the "sh interface" command.

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/s3_72.html#wp1283345

You may also try to remove http inspection and change mss value to 1300, for instance.

Hi,

I figured out waht this was it was a static route on the firewall that was pointing to the wrong next hop.

Cheers

Kev

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: