06-21-2016 01:53 AM
Hi,
HTTP uploads and intercepted HTTPS downloads also go at normal speeds. The performance hit is present on both S380 appliances and they are currently only being used for testing (no load). I also tried disabling CDS and outbound malware scanning without results.
Has anybody seen this difference in BW for uploads over intercepted HTTPS? Should I consider it as normal?
Kr
06-22-2016 06:11 PM
We haven't heard the same from other customer yet. Can you please run packet capture at WSA without any filter for HTTPs decryption enable and disable one and then compare them to see if you can find any clue?
06-29-2016 01:19 AM
We're doing explicit proxy and the WSA appliances are on 9.0.1-162. Disabling authentication for a specific IP address as a test did not show any improvements.
In fact it seems we're only experiencing these issues with Google Drive. No difference is noticed (in comparison with the old non-intercepting proxy) when using wetransfer or dropbox.
I've tried comparing packet captures when doing interception and when not but can't seem to find any hints in there.
06-29-2016 04:50 PM
Thanks for your update. As I could not reproduce this issue, would you please try the following steps to narrow down this issue.
1. Disable "Decrypt for Application Detection" in HTTPs proxy settings if it is enabled.
2. Try deploying another version virtual WSA to test it again to see if it is only happening on this specific version.
Please feel free to open a new Cisco TAC case and we do provide 24x7x365 support.
Hope it helps.
07-06-2016 05:27 AM
Thanks for your suggestions.
1. The "Decrypt for Application Detection" feature was disabled but no results, the upload speeds remain very slow.
2. I did not find the time yet to test with a virtual WSA on a different version but will try to do so next week.
In the
07-19-2016 10:23 AM
See the following the thread.
https://supportforums.cisco.com/discussion/12485001/wsa-slowing-upload-speed-half
09-05-2016 05:36 AM
Thanks for the tip.
I tried to disable the Data Security Policy but no change in behavior. Also upgraded to 9.1.1-074 but no difference. PDI closed the case and
06-28-2016 11:33 PM
How do you authenticate users? and which AsyncOS version are you using? I have experienced something similar to what you see.
All HTTPS traffic was slow in our case, and this was due to authentication issues.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: