Slow throughput on PIX515 after upgrade from 6.3(2) to 6.3(5)

Unanswered Question
May 13th, 2009

Hi there,

I upgraded our PIX from 6.3(2) to 6.3(5). The upgrade went fine and everything seems to be working.

But we are discovering very slow internet connection now. Especially http traffic is very slow and doesn't work correctly.

Did Cisco do some changes in the http inspection in PIX OS 6.3(5) compared to older OS?

Or are there some troupleshoot tipps?

thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Wed, 05/13/2009 - 13:11

Hi Juergen,

We still run 6.3(5) since over two years at one of our branches with 100 users there approximately no issues thus far.

I should however bring up an issue I did encounter next day after the upgrade , http pages not loading properly or loading half way, it was fixed by using fixup protocol dns maximum-length 1024 from its 512 dns packet size default value... perhaps this could not be your issue but worth checking, you may also go through the check list in bellow link. look closely at your cpu usage ..

Performance check list

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml

Regards

juergenrieger Fri, 05/15/2009 - 04:41

Thanks for your advise. But i just discovered that this issue only appears with https traffic. do you think I should take out the fixup https command?

thanks

JORGE RODRIGUEZ Fri, 05/15/2009 - 12:31

I would try disabling https inspection , if I recall from PIX 6.3 https is not among default app inspection protocols .. see if that makes any difference .

Regards

Actions

This Discussion