Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX 515E Speed problems

Hello all

We have recently upgraded our Internet capacity to 100/100 from 10/10.

Problem is that we only get 50Mbit upload, 10-13 Mbit download.

I got those results having the PC behind the pix. I also moved the laptop outside the firewall and got 80/80 Mbit.

The PIX interfaces is at 100FULL with no collisions / errors at all

The inside interface is connected to an cisco 3560, no collisions there and that interface is at 100Full too.

The switch on the "outside" is our ISP.

Thats the switch I connected my laptop into and got 80/80.

I'm gonna try and switch port in the ISP switch and change cable when I do my next planned night work. But does anyone else have any good ideas on what could be capping the speed in the PIX otherwise?

MTU 1500

I've also checked the LED's on the ISP switch and they indicate all ports @ 100Full..

Thank you

4 REPLIES
Cisco Employee

Re: PIX 515E Speed problems

If you are using an internet website for testing speed,I would say they are not so reliable when behind the pix/asa.

You should use your isp's ftp server for testing the upload / download when behind pix and bypassing it.It would give u a fair idea what the REAL speed is.

I can tell you many people use the online tests and they never get true results when being behind a firewall.

If you want to confirm,take captures on ingress and egress interface of firewall and check the timestamps corresponding to the packets....you would not see any latency introduced by the firewall.

Regards,

Sushil

New Member

Re: PIX 515E Speed problems

I have also done extensive speed tests with 515Es and they always report very poorly for me as well. Not really sure the reason for this but I finally replaced mine with a router running NAT. Performance increased after 6.3(5) to 7.0(8) upgrade but still doesn't approach my 3620 router in terms of the test results.

Cisco Employee

Re: PIX 515E Speed problems

Please try a speed test that does not include an online http speed test system. The

problem with these are:

- They use a small amount of traffic to interpolate the throughput.

- It is using http, which the pix must inspect, and if those packets are out of order they

might be dropped.

Also, there is no way to mitigate the drop problem due to the out of order packets, short

of disabling the http fixup.

So, please do the following:

1) Determine if your ISP has a speed test system that uses a protocol like FTP

2) Determine if your ISP has a speed test system that has a download of a larger length

3) Put a pc on the outside of the PIX and do a FTP transfer to that PC directly outside

the pix. This will help to determine if the pix is causing the slowdown.

Regards,

Sushil

New Member

Re: PIX 515E Speed problems

Thanks for all the replies.

I've done some download testing and only got the speed to max at 500-600 kB/s.

Going to try some ftp/torrent action tomorrow and having the PC outside the PIX

154
Views
0
Helpful
4
Replies