We have PIX 515UR setup with 5 interfaces. Inside, Outside, DMZ1,DMZ2 and DMZ3. We have PIX configured to allow clients on inside interface (192.168.1.x) to access machines on DMZ3 (192.168.3.x). Using explorer in WinXP client, I open up window using admin share to a remote Win2000 server (\\192.168.3.3\c). Then I browse to a folder and copy/paste it to my local c: drive. The copy of a 10MB file may take 12 minutes?? If I plug my machine into the DMZ3 subnet and conduct the same test, it copies in 5 seconds. Simple test which indicates the PIX is the bottleneck. Anything configuration changes we can do to speed things up?
Our hardware is a PIX-515E with 32MB of RAM and CPU is a Pentium II 433 Mhz running PIX 6.3(5) software release.
Does this behaviour happens on other DMZs interfaces.. I recommend to first start ruling out physical connections config discrepancies, have you look at firewall DMZ3 interface stats for crc or other errors? check NIC settings or switchport stats for that server in DMZ3 .. if all these are not the issue, have a look at your PIX performance http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008009491c.shtml
but 10MB 12 minutes file copy sounds like packets are being dropped somewhere.