Internet slow down while accessing from ASA

pemasirid · ‎11-05-2008

Hi Currently we introduced a ASA5510 after our 1841 ADSL router. Users are complaining that after this migration internet browing got very slow and users are not able to update their anti-virus through synmentec web site.

I went through the config. and seems nothing wrong on it. Our topology is ADSL-->ASA5510-->core switch. Config of both are attached here.

Can anybody pls advise why im not able to get virus update (synmentec) via web and also why my internet traffic is slow?

Thanks

SOL10 · ‎11-07-2008

hi

having looked at your config, there should be no reason why users shouldnt be able to update the AV. however just a couple of things:

1) you dont need to apply the access list to the inside interface, because by default traffice from high security level (inside 100) to low security level (outside 0) is allowed.

2) is there a specific reason you have allowed ip any any to your outside interface? if not, the get rid of this as it exposes you to alot of threats. When users initiate a conenction to the internet, the ASA builds the TCP connection and keeps the state so traffic passes from the web back to the user so i dont see a need for that statement.

3) have you tested the AV update from your pc? can you download it? If you can then it is a client issue. check the clients dont have firewall turned on.

4)Are you running enterprise version of symantec AV? If so, the why not setup a server as a central point for your updates (from symantec) and get your clients to download updates from your server?

***Experts please clarify on any points i might have got wrong****

Re the speed issues, try checking the ASDM of your ASA and check the traffic on there.

DO a speed test using www.speedtest.net/ from a pc and compare against the speed you should be getting.

HTH and please rate if useful