Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA5505 - PERFORMANCE ISSUE

I HAVE AN ASA5505 WITH IP PLUS LICENCE.

I WOULD LIKE TO HAVE AN IDEA HOW MANY USERS CAN THIS ASA SUPPORT.

CURRENTLY IM HAVING PERFORMANCE ISSUE.

HOW CAN I CHECK THIS?.

THE ASDM SHOW ME 18% OF CPU UTILIZATION AND 170MB OF MEMORY IN USE (86MB FREE).

I HAVE FEWS ACL IN THE OUTSIDE INTERFACE (ALLOWING HTTP,POP3,SMTP,SSH,FTP,MSSQL ODBC AND DOMAIN). WHAT IS THE KEY TO KNOW IF THE ASA5505 WAS A WRONG DESCITION....

THANKS

4 REPLIES
Gold

Re: ASA5505 - PERFORMANCE ISSUE

i trust you've already seen this link?

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html

keep in mind that these numbers are from a controlled lab environment with very basic traffic patterns. actual use probably won't come close to these numbers, especially for extended periods of time.

aside from your cpu/memory statistics, why do you think you have a performance issue? any other symptoms?

New Member

Re: ASA5505 - PERFORMANCE ISSUE

one of the interface is dropping conections, there is not acl on the interface.

if i connect my pc instead of the asa interface using the ip of that interface i can connect to other server, services, etc.

that interface in the asa is conected a router.

Gold

Re: ASA5505 - PERFORMANCE ISSUE

is the interface dropping connections or dropping packets?

results of "show interface" and "show asp drop"?

New Member

Re: ASA5505 - PERFORMANCE ISSUE

I found the problem but i dont know how to solve it.

I replace a linux firewall with a ASA5505-sec-bin-k9.

The customer have two remote sites conected in the following way:

The carrier give me (the customer) a LAN connection, a 10/100 wire, but on this LAN there are two routers, one for on remote site and the other for other remote site.

I plug this cable in a L2 switch and two ASA ports one port of the ASA have an ip and the other with another ip.

The perforamce of the ASA is bad with both interfaces conected simultaneosly to that L2 SW. Testing individually each interface alone, it work fine.

How can I preven that both interfaces are listening the same trafic ?.

With the two interfaces conected simultaneusly , one interface is denying the trafic that the other is forwarding, but the total efect is that is dropping packets in both interfaces. How can solve this issue.

be aware that is not possible righ now the carrier change the way that is offering the service.

Thanks.

694
Views
0
Helpful
4
Replies
CreatePlease login to create content