Slow throughput on PIX515 after upgrade from 6.3(2) to 6.3(5)

Unanswered Question
May 13th, 2009
User Badges:

Hi there,

I upgraded our PIX from 6.3(2) to 6.3(5). The upgrade went fine and everything seems to be working.

But we are discovering very slow internet connection now. Especially http traffic is very slow and doesn't work correctly.

Did Cisco do some changes in the http inspection in PIX OS 6.3(5) compared to older OS?

Or are there some troupleshoot tipps?

thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
JORGE RODRIGUEZ Wed, 05/13/2009 - 13:11
User Badges:
  • Green, 3000 points or more

Hi Juergen,

We still run 6.3(5) since over two years at one of our branches with 100 users there approximately no issues thus far.

I should however bring up an issue I did encounter next day after the upgrade , http pages not loading properly or loading half way, it was fixed by using fixup protocol dns maximum-length 1024 from its 512 dns packet size default value... perhaps this could not be your issue but worth checking, you may also go through the check list in bellow link. look closely at your cpu usage ..

Performance check list


juergenrieger Fri, 05/15/2009 - 04:41
User Badges:

Thanks for your advise. But i just discovered that this issue only appears with https traffic. do you think I should take out the fixup https command?


JORGE RODRIGUEZ Fri, 05/15/2009 - 12:31
User Badges:
  • Green, 3000 points or more

I would try disabling https inspection , if I recall from PIX 6.3 https is not among default app inspection protocols .. see if that makes any difference .



This Discussion