Cisco Firewall :: 2821 - High Latency With IOS Url Filtering Enabled
Aug 20, 2011
Im notice after configure the trend micro url filtering on a Cisco 2821 high latency on Http navigation, the latency on the ping for the requests shows a 245ms latency, but if i disable this feature on the router, returns to normal navigation and decrease the latency up to 70ms.
View 5 Replies
ADVERTISEMENT
Aug 16, 2012
I have Zone Based Firewall running on a 2821 router and would like to configure Url Filtering with Websence . IOS running on that device is c2800nm-adverterprisek9-mz.150-1.M7.bin . Once you have ZBF config you cant configure url-filtering using classic way ( ip inspect ) and this has to be done using class , policy maps .For this to to happen it is required to have match protocol http command under the class map , it wont work using the match access-group command.[code]
Once I put match protocol http command browsing becomes dead slow , also without using match protocol command I cant continue to configure Url Filtering . Is this a problem related to IOS where match protocol command isnt working fine . I have checked CPU utlization of Router and it was roughly near 7 percent .
View 2 Replies
View Related
Aug 14, 2011
Over the last couple of weeks I've been noticing high amounts of jitter and latency over my home network. I've come to some conclusions but am not 100% sure if they are correct or not.When one computer on the network opens a web page, loads a video off youtube or downloads something all of the computers on the network have considerably increased latency for a short period.I've tested 3 computers over WiFI watching ping commands and will show some below in a moment. Tested 1 computer using ethernet to connect to the router and its still affected by the issue. Ive also actually used the router to ping an outside source while the ping is increased and this is also affected. This has only been happening for the last 2 weeks.
Heres a list of hardware being used/software and os.
Windows 7 with a Belkin G enabled usb NIC
Windows XP with a realtek rtl8139/810x
Windows 7 (Friends laptop)
Router = Netgear dg834g
Settings
[code]...
So I've read up on QoS and understand that my router doesnt support it but I still dont understand how 1 person using youtube can affect my network that much. As before 2 weeks ago it did not affect it what so ever, and it didnt in my old house either. So what this means is that browsing is fine on the network, just whenever you try and play a game or anything that requires low latency anyone touching the network means you get massive jitter.
View 6 Replies
View Related
Jan 4, 2012
So I am at a bit of a loss here. For the past week or so, I have been getting random spikes of high latency in online games like World of Warcraft/Star Wars: The Old Republic/League of Legends/etc and I have no idea what could be causing it. My ping used to run around 30-80 and lately is has been spiking from 100 to over 700 randomly. I have tried everything I could think of like not using my router, power cycling my modem several times, making sure my drivers are updated, no programs in the background causing it, no firewalls/anti-virus programs causing it, and several other little things like that. I have also called my ISP and they said everything seems to be working fine. And here's another weird thing, according to speedtest.net, my service is running as it should be: [URL]. The server my service is connecting to is in the next town over which is ~15 minutes away so that couldn't be it either.
Here is my system specs:
OS Version: Microsoft Windows 7 Ultimate, 64 bit
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz, Intel64 Family 6 Model 26 Stepping 4
[Code].....
View 9 Replies
View Related
Sep 7, 2011
my latency values are extremely high, sometimes millions(!) of microseconds. THe problem is always solved by disconnecting the 11b/g wireless LAN adapter, or the Intel(R) Gigabit Network connection. However, I can't work without internet.
View 19 Replies
View Related
Jan 20, 2011
As of late whenever I, or any of my roommates, browse the internet we have noticed a slower browsing experience, where pages used to load instantly, there is now a noticeable delay in accessing web pages. Also, in playing online video games, whether it be on the PlayStation 3 or PC gaming, high latency is always present. The problem is present whether there is one computer connected, or five, Mac or PC, Wireless a/b/g/n or if connected through the ethernet port. What I ask is: What causes such behavior, and what can I do, if anything, to resolve this issue?
Running a DGL-4500 D-Link Router with Comcast service.
A trace route to google shows the following:
C:UsersAdministrator>tracert www.google.com
Tracing route to www.l.google.com [74.125.224.52]
[Code].....
View 2 Replies
View Related
Mar 21, 2011
last weekend i configured HSRP on our default gateway(Cisco 2600) and now i have the problem that the latency is constantly at 3ms and from time to time it goes up to 10 ms. Is that something i should have expected or is there someting wrong with my configuration? The standby ip adresses are the same adresses as the router interfaces had before and the CPU utilization is at 10 % so i do not know what happend here. I atached the config file so if you need further information i will gladly provid it.
View 4 Replies
View Related
May 27, 2013
\We have purchased AP 1041 and WLC 2500 and I am doing a testing on the configuration. It is fine when both AP and WLC are sitting on the same network. However, if I connect the AP to the WLC which is on another network, I found that latency is quite high when PING the gateway. Here is the brief topology.
AP (172.30.40.212) ------- (VLAN 1: 172.30.40.202) switch (VLAN 2: 172.30.41.202) ----------- (172.30.41.210) WLC
I try to plug the PC to VLAN 1 and do a PING test to the VLAN 1 interface and it causes some packet loss and high latency. [URL] If I do the debug ip udp on the AP, it seems the result is normal.
*May 28 13:53:36.951: UDP: sent src=172.30.40.212(26610), dst=172.30.41.210(5246), length=1069
*May 28 13:53:36.952: UDP: rcvd src=172.30.41.210(5246), dst=172.30.40.212(26610), length=89
*May 28 13:53:36.953: UDP: sent src=172.30.40.212(26610), dst=172.30.41.210(5246), length=685
*May 28 13:53:36.954: UDP: rcvd src=172.30.41.210(5246), dst=172.30.40.212(26610), length=89
Configuration:
AP 1041 Version: 15.2(2)JB
WLC 2500 version: 7.4.100.0
Both device are configured the static IP address manually with default setting and I do not enable DHCP option 43.
View 1 Replies
View Related
Apr 4, 2012
I have cisco 2811 at branch and 3845 at Head office. Two link with 256 kbps bandwidthe each. I did as follows: [code]
When link 1 down, traffic change to Tunnel 2. its OK.I want when link1 flaxuate or latency high (more than 60 ms) traffice change to tunnel 2. If link 2 goes high latency automatically change to tunnel 1.
View 1 Replies
View Related
Apr 17, 2012
When using this laptop (Toshiba Satellite C660D-1GD) on the forum it seemed unusually laggy when changing pages, whereas when using my Toshiba Satellite L450D it is always more positive.Decided to do some ping tests via the cmd prompt (after checking the error count via telnet) and they were in the hundreds.The L450D ping tests are spot on so I know it isn't the router (Billion Bipac 7800N)Been the usual route, totally uninstalled the wireless adaptor (Realtek RTL8188CE Wireless LAN 802.11n) including the Cisco elements, Eset and MBAM full scan and downloaded chipset drivers. Even factory reset the router and deleted the wireless profile including reg entries as a last resort.After each of those operations (other than reinstalling the wireless adaptor) the latency would be spot on and continued to be after an immediate reboot, but logging on a couple of hours later or the following morning, they would be very high again.After reinstalling the wireless adaptor for the second time, on a hunch I removed the Ethernet cable and run another test. The latency came in high but when I re-ran the test wired, they were spot on.
Phoned up KnowHow techs and read off the numbers who then put me onto 2nd level tech. He remotely connected and ran a couple of ping -n 50 tests as well as a tracert but was unable to replicate the results I was gettiing. As nothing was broken (for him), nothing to fix but to phone again if it continued.I rebooted after the phone call and got the high latency straight off. I wondered, as the latency returned to normal after certain operations I'd done, whether the remote connection had the same effect.Having been on the phone for 55mins, I'd had enough.These are two tests I've recorded from today which are together in one Wordpad doc, so you'll be able to see what I mean. Ctrl+C has been a bit erratic so they are the only ones I've been able to save. [code]
View 12 Replies
View Related
Jul 11, 2013
I'm trying to debug a latency / bandwidth issue with 2 servers ( DELL 860 ) connected by infiniband. Servers use 10Gb cards connected on a MTS2400, here are the result for bw and latency: [code]
Are those values 'normal'? I was hoping to get more bw and less latency.I'm using CentOS 6.4 with ib_ipoib driver, it's using stock settings.
View 2 Replies
View Related
Sep 30, 2012
I work for a small college. We have several Cisco 1200 Aironet deployed our the campus, all of which are configures to run multiple SSID's. The problem I have is that when I connect, via AP, it successfully connects to the desired SSID but on pinging the default gateway of said SSID I get high latency (avg around 100 - 200ms).When pinging from the switch (Cisco 2950) to the default gateway the latency is good (1-2ms). It is just high when I connect via the C1200 AP and try to ping.
View 1 Replies
View Related
Aug 19, 2012
We are facing issue of high Latency and slowness with Switch Cisco 4507R at the Customer site.show logging for the Switch and if there is any IOS related issue [BUG] or some other finding for this case.
View 1 Replies
View Related
Jan 26, 2013
Recently me and my girlfriend have been having issues with in game latency, receiving pings close to jittering to well over 300 where they were formerly in the 30-40s to identical servers. We live with a Chinese housemate who is extremely conscious of her privacy/personal space, we noticed a dirge of active ports on the router (both TCP and UDP) which seemed to have no association with any major application and assumed it was the old P2P boogie-monster. She is the only one who uses Wifi, an upon briefly deactivating the Wifi, all ping issues were instantly resolved. The bizarre thing is we still have plently of up/download bandwidth, I mean we're not swimming in a fibre optic connection but still a relatively healthy 1MB dl/70KB/s ul, more than enough for gaming.Deciding we needed a better idea of what was going on in the network, we downloaded Wireshark. We discovered a couple of things that might mean something, they might mean nothing at all:Firstly there was a deluge of random ARP requests coming from the suspect IP, something along the lines of:"who has 192.168.0.(random number) Tell (suspect computer's IP)"repeated over and over in bursts. A little googling found us this: Has Your Network been Now given that she is Chinese and is probably exposed to a lot of Chinese websites, is there any chance that this could be the root cause - could it drown the network to the extent that it produces terrible pings?Secondly there have been an inordinate amount of name queries coming from her IP to 192.168.0.255 (broadcast channel), they generally take the form of:
NBNS92Name query NB WPAD<00>
or
NBNS92Name query NB ISATAP<00>
and occasionally, it will name query my network id, leading to: (her ip being 192.168.0.3)
2144211275.734470000192.168.0.3 192.168.0.255NBNS92Name query NB (my id)<20>
2144231275.739314000192.168.0.3 (my id)TCP6658451 > netbios-ssn [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=4 SACK_PERM=1
2144251275.741325000192.168.0.3 (my id)NBSS126Session request, to (my network id)<20> from (her network id)<00>
2144271275.744124000192.168.0.3 (my id)SMB213Negotiate Protocol Request
[code]....
Now combine this with the sometimes 9-10 active ports our router assigns to her IP (which don't appear to relate to anything according to numerous port id sites), does this send out a red flag to any of you? I realize it would be so much easier if I could get access to her computer, but as I said, she is very private and timid and doesn't seem to like even having people in her room, let alone letting them use her computer.
View 1 Replies
View Related
Mar 6, 2013
I have a WRT54G2 router (V1) with the most recent firmware that serves as the gateway between my Internet connection and my home network. Over the past few months, I've noticed that the router seems to consistently become unusable due to high latency when it runs for any period of time. The internet connection is working, but the latency is sometimes as high as 2000ms to ping Google or to run a test from Speedtest.net. When a computer is directly plugged into the cable modem provided by my ISP, the problems resolve.
Restarting the router proivdes a resolution of the problem, but over time the latency issues increase again until it needs to be restarted. Right now, I have it on a mechanical (plug) timer that restarts it every morning around 4AM, but this still doesn't seem to fix the overall issue; I've had to restart the router manually twice today. Before restart, my ping will be over 1000ms; afterward, it will drop back to 20-60ms.Note that the download and upload speeds don't seem to be affected by this, just the latency itself.
The problem appears on both wireless and wired connections.I'm not sure if this is a sign that our router is failing (it was purchased in 2009, so as far as consumer-grade solutions go, it's lasted a pretty decent span), or if there's some misconfiguration on my end, or if something with my ISP is making my router flip out. What can/should I do to fix this issue (please note that flashing the router with DD-WRT is not an option, this version generally sees decreased performance when DD-WRT is installed).EDITED TO ADD: I have ruled out internal traffic causing the problem (I reviewed the log files for the router and tried to identify any unknown stuff, but it seems fine). I can't quite figure out exactly what causes the router to develop the issue, but once it does, I've noticed the following:
Extremely high latency (1000ms+) for pings from any computer inside the network to an outside destination?The router itself cannot ping or traceroute once it has started developing these high latency issues - if you use the router's PING feature, it returns all timeouts.It does not seem to correlate with any specific type of traffic.
View 1 Replies
View Related
Nov 25, 2012
i have a cisco 3560x poe. ny currnet version is 12.2(58)SE2.the cpu process is aboute 30% average.my problem is- ping to the switch itself show me 12ms which is high latency.*note- data between two hosts no this has no latency.i realize the packet go into the cpu itself but, the cpu is not loaded�usy. so my question is- is this natural behavior?
View 2 Replies
View Related
Jan 27, 2013
My network Infrastructure consists of 2 core switches(cisco 3950, 24 port) and 3 access switches (cisco 2960G, 48port). No distribution layer.Both Core switches are connected to the BVI of a VPN router.PVST is running in all switches. The STP results are all good. We have 3 VLAN's in the LAN an IP routing is enables in the core switch. The network diagram is attached.
The issue we are facing is that , we get intermittent packet drops while pinging towards the access switches, and there is always a higher latency towards these assess switches.These issues are present even with no other users using the LAN. But these issues are not present while pinging towards the GW.
I guess, it is because of this, we have issues the accessing file server in the LAN. How do we go ahead with the troubleshooting. Will upgrading the IOS resolve this.The present version details is..
WS-C2960G-48TC-L 12.2(44)SE6 C2960-LANBASEK9-M
View 2 Replies
View Related
Mar 18, 2012
I have the same issue with Toshiba satellite AA665D-s6091 I expierience crackling sound when playing. peaks appeared when I had either the (cable and wireless) adaptors enabled, when I enable/disable the backlit keyboard and also when I enable/disable eco-mode.A Windows and driver update fixed the cable adaptor issue.
I ran the commands in post #19:
netsh int tcp set global autotuninglevel=disabled
netsh int tcp set global congestionprovider=ctcp
netsh int tcp set global dca=enabled
The wireless adaptor issue was fixed with these, however every time y enable/disable backlit keyboard or eco-mode on my laptop I still get this latency peaks around 18000 us and audio clicks. I check latency with DPC latency checker V1.3.0?
View 1 Replies
View Related
Feb 7, 2012
I have come across articles mentioning that URL Filtering can be implemented by using ASA 5505 with URL Filtering Servers. But Websense and other Web Filtering Servers are paid ones ? Are there any free solutions available ? What exactly is N2H2 ? The reason is I don 't want to increase the CPU utilization of ASA by implementing URL filtering within the device. If I have around 30 nodes which connects to the internet via a 2Mbps line through ASA 5505 and if I want to block around say 10 or 15 URLs , will it increase CU utilization beyond permissible limits ? Currently the CPU Utilization is around 10 - 15 . Here's the infrastructure setup .
------------------------------------------------------------
Nodes -->Switches-->ASA 5505-->Internet
-------------------------------------------------------------
View 4 Replies
View Related
Mar 10, 2011
Product: Linksys Wireless-G Broadband Router WRT54G
Version: 6
Firmware: Has Been Updated
I am directly connected to my router. Lately, I have been receiving high latency spikes and total loss of internet. The problem must be related to my router, because when I connect to the internet through my modem I don't have this problem.
View 9 Replies
View Related
Jan 19, 2010
I have a Router 2821 with c2800nm-advipservicesk9-mz.124-24.T1.bin and with a Cisco Integrated Service Engine(s) Cisco Unity Express 7.1.1 in slot 1 , this router shows a high cpu utilization.I think is a bug with the IOS , because there is no voicemail configured on the CUE, there is no traffic to the CUE , just traffic from:
- voice calls
- ospf
The ospf is not the cause of the high cpu , because the high cpu utilization appears before I put the ospf proccess on the router.
View 4 Replies
View Related
Sep 25, 2012
We've got Cisco 2821 for our 90mb/s Internet Access. Its CPU usage is around 80%. Show process cpu does not show any cpu proccess with high utilization. But we have got plenty of policing configured for our clients using policy maps. Can this policing affect cpu usage?
View 1 Replies
View Related
Apr 8, 2013
I am having an issue pinpointing why my 2821 router is discarding so many packets when transferring data to our second site. The traffic flows from the local lan, to the router, where it is redirected via WCCP to a WAN optimization device, back to the router and over a GRE tunnel to the second site where the same process happens. The traffic does get there, but the LAN/Repeater router interfaces have around 20,000-60,000 input drops an hour. From the output below, it looks like traffic is being dropped by the RP.
I just restarted the router as a last resort, and here is what has accumulated in the last 30 min:
FastEthernet0/0/1 is up, line protocol is up
Hardware is Fast Ethernet, address is 0025.840c.7680 (bia 0025.840c.7680)
[code]....
And CPU never goes above 40%
100
90
80
70
[code]...
View 17 Replies
View Related
Apr 25, 2010
I've been searching high and low for a "blank" stencil to fill in module and WIC areas of a 2821 router that I'm diagraming. Where I can get a hold of something that will work? It seems that Cisco is somewhat lax lately on their visio stencil offerings.
View 6 Replies
View Related
Nov 3, 2012
I recently moved from an old apartment in Downtown Montreal, to a suburb area, but still close to where I was before (10 km). I am using the same ISP provider, Videotron. The same speed. I was playing this game, Chivalry Medieval warfare, perfectly fine before, but now something is really wrong. Whenever I join a server, my ping skyrockets up to close to 200, sometimes drifting to 130 but never going below... and often rising back up again.Keep in mind that I filter servers by their pings. I only join servers that display a low ping (although often I won't see any, when I refresh.. there they are). I'll see a server with 30 ping, join it, and be at 200.It's entirely unplayable. Not only is it impossible to properly time parries anymore, but I also get a lot of rubberbanding. I've tested the internet here, and the speeds are accurate. 10 mbps down, 1 mbps up. I am connected to a Linksys E1200 router. I've tried everything I can possibly think of.I went into the router setup, disabled the firewall, added myself to a DMZ, tried to forward every port... rebooted the modem, my computer, the router, tried a different Ethernet cable.. nothing is working. It's very depressing. Nothing has changed on my own computer in the move. I also notice there is a delay of a second or so before I start to load a webpage when I click a link.
View 9 Replies
View Related
Oct 13, 2011
Today I've received reports of slow internet access/activity and have noticed myself that it seems a bit slow today. On the dashboard of our asa 5510 the "outside interface" traffic usage is running constantly high. It's at the top of the graph. How can I tell what is causing the spike in utilization. It usually runs at about 1500-2000 Kbps, and now it's up over 10,000.
View 6 Replies
View Related
Dec 11, 2010
We have cisoc 2821 at one of branch and created five sub inetrfaces for different vlans.Output of Show interface shows very frequent increase in the input error count.I have changed the physical cable and switch port on the other side.But still error rate is increasing.When the traffic is less error rate is low but with high traffic it is increasing drastically.My router process is very less(4%) only.What could be possible reason. [code]
View 8 Replies
View Related
Apr 16, 2013
I am wondering what is Latency value for Cisco ASA 5585X and 5555X . I can see on websites that it says "low latency firewall" but I dont see any value.
View 1 Replies
View Related
Jul 27, 2011
I've been trying to configured Websense urlfiltering using ZFW feature on my Cisco 881G router. The router is running on IOS 15.0(1)M with Advanced IP Services. And I have confirmed it supports urlfilter feature.
This is what I tried to accomplish but IOS version 15.0x seems to have different command set.
-----------------------
class-map type inspect httptraffic
match protocol http
parameter-map type urlfilter param
server vendor websense 10.20.30.40
[Code]...
View 2 Replies
View Related
May 16, 2013
Could URL FIltering be implemented on Cisco ASA 5505-BUN-k9?i mean to block certain websites, like facebook, youtube, to block certain download files like .exe, .com .bat etc....Is there any extra license needed for this, or it could be done with the simple IOS ASA5505-bun-k9?
View 4 Replies
View Related
Apr 18, 2012
I try to implement the url filtering feature on a cisco 2811 router and whenever i enable the parameter map patterns the router retuns (after some time)
%Unable to compile obj regex.[code] The result is that the router blocks ALL webpages without giving a block page message.
View 2 Replies
View Related
Mar 7, 2011
I have a problem configuring url filtering on ASA 5505 rel 8.3.1: I have to block the web navigation to facebook and, with my configuration, it works fine.The problem is when I try to access on other sites where there are a links to facebook, I cannot see that site and not only the button of facebook.
regex urllist1 ".*.([Ee][Xx][Ee]|[Cc][Oo][Mm]|[Bb][Aa][Tt]) HTTP/1.[01]"
regex urllist2 ".*.([Pp][Ii][Ff]|[Vv][Bb][Ss]|[Ww][Ss][Hh]) HTTP/1.[01]"
regex urllist3 ".*.([Dd][Oo][Cc]|[Xx][Ll][Ss]|[Pp][Pp][Tt]) HTTP/1.[01]"
regex urllist4 ".*.([Zz][Ii][Pp]|[Tt][Aa][Rr]|[Tt][Gg][Zz]) HTTP/1.[01]"
[code]....
View 3 Replies
View Related
Jul 13, 2012
I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled. I see the following commands defining packet inspection done by the firewall software.
-ip inspect name inet-users tcp
-ip inspect name inet-users udp
-ip inspect name inet-users icmp
What I am trying to define is the inspect name "inet-users". It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.What does "inet-users" define? I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct? The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.
View 1 Replies
View Related
