I was trying to check transfer speed from Cisco Any Connect, with only ports opened in firewall 443 & 80 with 1 destination , but to complete data transfer of 50MB file it takes around 40mins, but if all ports are unblocked in Firewall with 1 destination ,it takes only 9mins.
so wanted to know the correct port numbers which needs to be opened to make data transfer speed fast & why this behaviour.
thanks for your input, now i could get the required speed, now what I observed is, on xp machine it takes 8 to 10 mins for 100MB file, & on windows 7 it takes only 2mins, what could be the reason. On windows 7 under registry settings of Cisco Adapter the MTU size was zero, I did the same settings in XP ( MTU to 0 ) & I can't access the network path of cleint machine itself, it throws error network path not found, without any MTU size it works fine.
a customer has confronted me with a similar issue. They are using AnyConnect SSL Clients in their LAN, and noticed a severe performance drop on client side once connected via AnyConnect. I have set this up in a lab environment to compare LAN performance with AnyConnect SSL performance.
The ASA was configured from factory default and there was no traffic passing besides this test. AnyConnect used DTLS, and interface mtu on the ASA was 1500, the AnyConnect mtu was left unmodified, so I suspect the maximum of 1406 bytes was used.
- While AnyConnect was disconnected, Iperf reported bandwidth usage of about 300Mbps. This was what I was expecting.
- As soon as I was connected via AnyConnect, the bandwidth usage dropped tp about 80Mbps. I expected a slight drop, but not this much.
What causes such decrease in performance? Sure, if connected via the Internet, clients will most likely never notice this, but the customer uses AnyConnect SSL in a Gigabit LAN environment. Could the bottleneck be on the client side? The load and memory usage on the ASA side was very low. I have tried several ASA versions, but they all deliver similar results.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...