Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA and slow connection port 80 - http

Hi all,

I have problem with connection ASA 8.3.1

web_server1 port 80 (inside_in1,Sec.Level 100,vlan1) <--- ASA5550 (1Gb)---> (Sec.Level 100,inside_in2,vlan2) web_client dynamic port (wget)

wget (linux web tools) have speed 150KB/s. This is verry low.

Inspect mod is OFF

Migrate port 80 on 1080. It's OK, speed is  cca 70MB/s (1Gb network).

Ssh speed cca 25 MB/s.

Please help, thanks.

Best regards,

Martin


Configuration:

class-map priority-class
  match port tcp eq 1080
class-map inspection_default
  match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
  parameters
    message-length maximum 512
policy-map type inspect esmtp esmtp_map
  parameters
    no mask-banner
    allow-tls action log
policy-map global_policy
  class inspection_default
    inspect dns migrated_dns_map_1
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect esmtp esmtp_map
    inspect ip-options
    inspect ftp
policy-map qos_policy
  class priority-class
    police output 900000000 45000
   inspect http 
   police input 900000000 45000
!
service-policy global_policy global
service-policy qos_policy interface inside_1

Everyone's tags (5)
2 REPLIES
Cisco Employee

Re: ASA and slow connection port 80 - http

Hello,

I see that in your configuration, you are inspecting HTTP traffic. Can you turn it off?

policy-map qos_policy

  class priority-class

   no inspect http

Hope this helps.

Regards,

NT

New Member

Re: ASA and slow connection port 80 - http

Hi,

this inspect is for port 1080.

I try

no inspect http

in

policy-map qos_policy

Unfortunately, no results. Speed is low.

I'm using the routing between vlan1 and vlan2

Thanks for your response


MJ

1378
Views
0
Helpful
2
Replies