cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
412
Views
0
Helpful
2
Replies

Firewall services module slow connection

2004.ahmed
Level 1
Level 1

Dear Friends,

i have firewall services module in 6500 switch and have 2 DMZ one for Application server and the other for Database server but the administration says the connection i slow but i have any logging explain this issue , i make test by pass the firewall and creating interface vlan on 6500 for each DMZ without creating interfaces access-list and the connection become normall.

Kindly , Could you advise me for that issue

Ahmed Abdel-Wahed

2 Replies 2

Yudong Wu
Level 7
Level 7

If the application is experiencing a slow response, it could be many reasons.

Based on your testing, if you bypassed FWSM, the application was back to normal. So the issue looks like on FWSM.

What kind of application/traffic is experiencing the slowness?

Does FWSM do the inspection on those traffic?

If yes, can you check the cpu utilization on FWSM?

Please do the packet capture on the related traffic to see if there is packet drop as well.

Also you might want to check if there are TCP SACK enabled on the FWSM and enabled it and also if there is a packet reorder to enabled to the np completion unit sysopt if your FWSM version supports it.

I hope it helps.

PK

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: