Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Firewall services module slow connection

Dear Friends,

i have firewall services module in 6500 switch and have 2 DMZ one for Application server and the other for Database server but the administration says the connection i slow but i have any logging explain this issue , i make test by pass the firewall and creating interface vlan on 6500 for each DMZ without creating interfaces access-list and the connection become normall.

Kindly , Could you advise me for that issue

Ahmed Abdel-Wahed


Re: Firewall services module slow connection

If the application is experiencing a slow response, it could be many reasons.

Based on your testing, if you bypassed FWSM, the application was back to normal. So the issue looks like on FWSM.

What kind of application/traffic is experiencing the slowness?

Does FWSM do the inspection on those traffic?

If yes, can you check the cpu utilization on FWSM?

Please do the packet capture on the related traffic to see if there is packet drop as well.

Cisco Employee

Re: Firewall services module slow connection

Also you might want to check if there are TCP SACK enabled on the FWSM and enabled it and also if there is a packet reorder to enabled to the np completion unit sysopt if your FWSM version supports it.

I hope it helps.