Normally the easiest solution is to use the VAC. However the PIX VAC is supported on PIX 515, 520, 525, and 535 platforms only. The only option that leaves us is to be selective about the traffic that is encrypted instead of encrypting all the traffic that goes through. This will definately improve throughput.
Well, i´m gettin quite worried here. I have a lot of customers running PIX 501 and most of them have some sort of performance problems.
Most of my customers have problems with Citrix .ICA traffic that gets disconnected randomly. (different customers, different internet-accesses)
I have search the bug toolkit and have found a lot of bugs with ISAKMP, some regarding Citrix. They state that you should lower the MTU to 1400 or less.....
Why not tell us what the working MTU should be ! Could this setting resolve most issues with Citrix disconnects ?
..or is the Cisco PIX 501 a low cost product like the Cisco 700 series router...?
I dont know if Cisco does really care about this low cost products, but I have had to watch competitors replace a 501 with their firewall and (in one case a product called Q100) it worked just fine with the same settings...
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...