Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

URL filtering causes slowness

i have a PIX 515 and am using smartfilter to filter traffic from my LAN to the Internet, and the DMZ. When users are trying to access web server on my DMZ, it is noticeably slow. As soon as I turn the filtering off it moves fast like it is on the same LAN. Right now no inside hosts are using the filtering for Internet traffic, all our Internet traffic gets directed from our router to a frame relay network to our Atlanta location, so I know it's not the filtering server being overworked. When our users were going through the PIX to Internet hosts, it screamed since we were using Comcast high speed, so it seems to only be affecting DMZ web sites. Something appears to be wrong with the PIX communicating effectively with the filter. However, I have syslog enabled, and know that the PIX has not lost communication with the filtering server, Some of my config is as follows, (I've included the DMZ access list, but don't see anything on the syslog server being blocked when the slowness is apparent)

url-server (inside) vendor n2h2 host HBG-Filter port 4005 timeout 5 protocol TCP

ip address outside

ip address inside

ip address DMZ

global (outside) 1 interface

global (inside) 1 interface

global (DMZ) 1 interface

nat (inside) 1 0 0

nat (DMZ) 1 0 0

static (DMZ,inside) netmask 0 0

static (inside,DMZ) HBG-Filter HBG-Filter netmask 0 0

access-group outside_acl_in in interface outside

access-group dmz_access_in in interface DMZ

route outside 1

route inside 1

route inside 1

Thank you,


New Member

Re: URL filtering causes slowness

I think I found a possible solution. I can make an exception for filtering to that host. I still don't know why it is slow, but...

filter url except

CreatePlease login to create content