Yes, I feel the same, we are in the middle of redrawing this small part of our network and probably will recommend a Juniper solution too. In the mean time we have been trying different configurations and the closest thing to our CIR is about 80% down 55% up and that's only with 50% of memory resource being used...imagine if we push it any further....

hey thanks a lot.

How about looking at the interface statistics, hardcoding the interfaces etc. before writing it off.

Yes. Speed/duplex was hard coded and didn't make any diff. I can't hard code external interface because it goes to the cable modem and that's usually set to auto. I can't change cable modem configuration.

If I hard code external interface, it would negotiate to half duplex.

In short, this is a very poorly designed box with hyped up numbers about throughput. I would not recommend ASA5505 for anybody requiring more than 4Mbps of bandwidth.

First thing it came up to my mind was a duplex mismatch so I went to the ISP and got their switchport config and hardcoded the ASA to whatever they handoff was. it was set up as default, it improved the bandwidth a little bit but not to where it is supposed to be, interfaces statistics do not show any errors, collisions...only a few packages being drop due to firewall policies, I suspect it is a hardare issue as we had another box set today in the morning, we tftp config between them and the new box works just fine, the thing that's freaking me oout is that we could not find any errors or sort of alerts by looking at the switchports....anyways, I recomend Cisco most of the time to my clients but I think this little box is not worth what we paid for it.

I have one on the shelf here, I will set it up today and do some testing. Doesn't seem right.

You can check " show asp drop " statistics .. there could be number of reasons .. unfortunatetely you have to look into it.. I have seen ASA5505 bandwidth operatining just fine where ISP is 3 MB but internet router would have two T1s aggrated down/up is just about right.. I had one setup in one of our HK office but ISP hands of ethernet and do Rate limiting to 4M in ASA Down/Up sucks don't pass over 2MB .. even after ISP email me rate limiting config in their router to not call them liers.. :) ... interfaces was cleared of any errors but output of asp drop in ASA was high of TCP RST/FIN out of order.. Im still looking into it... sounds to me in my case rate limiting has somthing to do with this.. when I compare the two scenarios.

Ran a simple iperf test between 2 laptops connected to inside/outside of 5505...tested 90+Mbps.

Adam, that would be its throughput?

In that test, yes.

What kind of traffic did you use? icmp seems to work fine. I think TCP is where seems to be the problem. If you lab setup is not torn down, can you please tcp or even http and see how that comes out?

Thanks,

sam

I ran the iperf using tcp.

I don't know when my problem is then. The box works slow when connected to the ISP conenction. I will test if it works better internally just like your lab.