Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IOS Firewall and some slow websites

I'm running IOS firewall on 2 different routers. A 2851 and a 2821. Both are running 12.4(3g) Adv Sec images. Both routers are connected to an internal WAN and also to an external ISP such as a cable modem. They also have LAN interfaces. Default gateway is the "outside" interface connected to the cable modems.

At both sites which are geographically dispersed I'm having very slow response from some websites. In particular If we connect a laptop directly to the cable modem it works fine. If we reroute the default gateway across the WAN to the HQ it works fine. The only time it's slow is when we're routing through the IOS firewall locally at each site. Accessing most sites is ok, it's just a couple that take a very long time (if ever) to finish loading.

I've tried removing the inspect statement from the inside interface. I've tried removing the http inspect statement specifically. I've even tried changing the MTU's to 1492. Even tried changing the NAT translation finrst-timeout to 3600! Nothing is making a difference.

Any suggestions on how to fix this? Or better yet, any debugging I can do?


New Member

Re: IOS Firewall and some slow websites


Are you able to post your config, I would also try upgrading your IOS. Also could you run the following:

debug ip inspect detail

Regards MJ

New Member

Re: IOS Firewall and some slow websites

Sorry but I can't post the entire config. I might be able to post snippets. What would be useful?

I did try upgrading to 12.4.21 and had the same result.