I'm attempting to configure qos on our ASA 5505 and I'm not sure how to determine what our average and burst rates should be.The applications being used will be RDP over a ipsec tunnel, so it is somewhat sensitive to latency.The final setup will be a 1.54Mb T1 line, but in testing I have a DSL connection with .70Mb U/L speed.
View 3 RepliesWhen my desktop is on wireless, I get max burst of 2 MBps (Megabytes per sec), or about 16 Mbps (Megabits). Ok.I recently got a pair of Netgear MCAB1001 coax over ethernet adaptersStill getting about 2 MBps, 16 Mbps.The MoCA units are rated for 100 Mbps, or about 12 MBps I'm only getting 17% of rated speed. I know that the performance depends a lot on how many coax splitter you have in the house, maybe even the type of frequency the splitter filter out, how long the runs are, and other hardware cable stuff.But, I wonder why I keep maxing out at 2MBps on both wireless and the MoCA coax setup. Is that just a coincidence? Or is my computer setup weird?This is my test setup:LAN RouterPort 1) Computer #1Port 2) MoCA #1MoCA #2: connected directly to Computer #2.Basically, there is a switch on coax network between Lan Router port 2 and Computer #2. All ports are rated at 100 Mbps, your standard 10/100 ports. I can verify this on the network status.
View 3 Replies View RelatedFor about 7/24th of the day it'll be fine. But the rest of the day it will be riddled with burst packet loss. For example when I'm pinging.It'll go "Done
Done
Done
Done
Done
Request timed out
Timed out
Timed out
[code]....
Due to how it's only certain times it happens and other times it's perfect leads me to believe it's my ISP.
The layout of the equipments are as such,other equipment <--> 2911 Router <--> Ether-Switch/3925 Router <--> 7206 <--> Internet,During certain times at night, the 2911 exhibits cpu load, high packet loss and an increase in bandwidth of at least twice it's normal amount. this results in packet loss in all the other equipment. I am attempting to locate who was demanding such a high burst but so far the graphs display normal rates for all the other equipment.Because the 2911 demands an increase from the 7206, the 7206 is able to accommodate this as it still has balance BUT my other equipment that are connected to the 7206 takes a drop in bandwidth as well. the graph shows that when the 7206 bursts higher, the rest of my other links take a slight drop in bandwidth.Also, the graph from Ether-switch to 2911 indicates the bandwidth hike BUT the graph from 2911 to ether-switch does not display the same thing as due to the cpu load, the data is somehow not captured properly.
View 2 Replies View RelatedIt is a single router with dual ISPs. It is a 2800 and there is failover configured. I have implemented object tracking and the feature works great except that lately, whenever there is a lot of traffic coming perhaps from the internal users, we start getting intermittent outages.
I have gone deep into looking into this problem and have determined that our ISP#1 does not have any problems. What I think is happening is that whenever the router receives a lot of packets (30-40 users on the internal network) destined to the outside, the router CPU maybe gets too busy and the router then believes that the objects are no longer reachable and it triggers a failover which causes the router to re-direct traffic to the ISP#2. Then, because these are just quick burst of traffic, in the next 30 to 45 seconds after the router re-directed the traffic to ISP#2, the router object tracking engine detects that the objects are now again reachable and this then causes the router to re-direct all traffic back to ISP#1.
This cycle then continues all day on how to prevent this.
Is there a way to perhaps tell the router to completely shut down the interface facing ISP#1 whenever there is a hicup and to keep it shutdown for at least 8 hours? This way I can prevent the router from going crazy.
Or is there a way to perhaps prevent this at the internal (LAN) interface? Are there some metrics like QoS that I can implement on the internal Fast Ethernet Interface to prevent the burst of traffic from eating up the CPU?
i upgraded my internet package home from 1 mb to 4 mb and i wanted to confirm some thing what is the general range in download speed for a 4mb connection (400 kbps to 450kbps) or 345 kbps?
View 1 Replies View RelatedWhat is the average memory usage for a Cisco 5508 with 500 APs (mostly 3502s) running 7.0.116.0 code? I am currently at 450 access points and have 80% memory usage should I be concerned?
View 6 Replies View RelatedI am working at a client site that is an MPLS customer. The customer has an MPLS circuit that runs between their Main HQ and their Disaster Recovery site. I have been asked to analyze and report as well on the way the Qos Policy is written, and to provide any recommendations on how they can improve performance.There is a statement within the Qos Policy as it exists at each end on the 3825 routers. The statement is called "shape average percent". Here is the policy from one side:
policy-map QoS
class COS2_traffic
set dscp af31
shape average percent 12
bandwidth percent 13
[code]....
What does this statement mean and how is it different than the the "bandwidth percent" statement?
At my workplace, we have high speed internet (dsl). We don't have Wifi or a full time tech guy at the moment. I was thinking about proposing it since I generally handle most of the technical items at my job, but wanted to verify a few things first. First of all.. on a work network.. is it any more difficult than your average home network to set up a wifi router? Anything special I should know before attempting to set one up?
View 1 Replies View RelatedI'm interested how to enable or use the "SpeedBurst" option on Linksys WRT54GH router?
View 1 Replies View RelatedI have a bandwidth-intensive video conferencing device connected to a router. I have forwarded all the necessary ports to the device (and I have even tried DMZ) but the device is unable to connect to some servers due to "NAT issues". The device uses lots of ports simultaneously to connect and I am wondering maybe possibly the router can not handle the number of open ports. The ISP only blocks port 25 which the device does not use. Could it be that the ISP limits the number of ports that are in use? Or maybe the ISP limits the amount of bandwidth that can pass through certain ports?
View 4 Replies View RelatedI want to determine if i completely understand the meaning of forwarding rates on a switch. From my understanding, if The port density on my switch is 48, each at a 1G speed i have a total of 48Gbs. however, if a switch, for example the 2960 has a forwarding rate is 40Gbs, I take it to mean that i cannot get 48Gbs of through put but only 40Gbs,is this correct ?
View 3 Replies View Relatedhere is my setup:
Router: DIR-655 B1 2.00NA
Desktop1: DWA-160 A1 1.80 [IP: x.x.x.104]
Desktop2: DWA-160 A1 1.80 [IP: x.x.x.103]
Laptop: Intel WiFi 5300 AGN [IP: x.x.x.100]
iPad 2 (1): [IP: x.x.x.101]
iPad 2 (2):
Router Config, Status, and Inssider Report:
[URL]
I am using an old Asus netbook as a file server in home network which I connect through Ipad over ftp. It works for the most of daily tasks fine though but the connection is with rates under 1 Mbps still slow for data intensive tasks. My question is: if I buy a new hard drive with wireless access capability could I hope for significantly better transfer rates? If not, then I can't see any point why someone would buy this devices which in some cases can only be accessed over the network. what is wrong with my configuration that I get significantly slower rates? I run SuSE Linux on the netbook, the ftp deamon is vsftp and have a 54 Mbps wireless router which I think can still be considered standard. Is there anything I can do to increase the ftp transfer rates? I think it should be possible since even downloads over http on the same machine often exceed it.
View 2 Replies View RelatedNetwork settings. What I want to do is limit the rate that people can download files from my webserver remotely. LAN connections should still be able to transfer at full speed, but anything outside of the local network should be limited to 200Kbps per connection. Is that even possible? Can I limit the number of connections per client (probably by IP)?
If this can't be done at the OS level, is there any way I could script it using PHP? Maybe read X bytes into a file and then sleep...
I have a normal setup of ASA5505 (without security license) connected behind an internet router. From the ASA5505 console I can ping the Internet. However, users behind the Firewall on the internal LAN, cannot ping the Internet even though NATing is configured. The users can ping the Inside interface of the Firewall so there is no internal reachability problem. In addition, I noticed that the NAT inside access list is not having any hit counts at all when users are trying to reach the internet.
When i replace the ASA5505 with a router with NAT overload configuration on it, the setup works normally and users are able to browse the internet.
The ASA5505 configuration is shown below.
hostname Firewall
interface Ethernet0/0
description Connected To Internet Router
switchport access vlan 10
[Code].....
i have asa 5505 with the asdm v5.2 (4), and the asa v7.2(4). This platform has a base license. if i upgrade adsm and asa on v6.2(1) and v8.2(2) if I lose my license and that you need to activate them? i configured site to site vpn (this firewall and the another) that i lose my configuration if i upgrade my firewall.
View 2 Replies View RelatedI've recently upgraded my old firewall from a PIX to an ASA5505 and have been trying to match up the configuration settings to no avail. I have is that I can't ping the new firewall on it's inside interface, despite having "icmp permit any inside" in the running config. Secondly, the server I have on there ("Sar") can't connect out to the internet.I've included the ASA's running config incase anybody can see if something stands out. I have a feeling it's either not letting anything onto the inside interface, or there is no nat going on. Lastly (and possibly relevant), the firewall is actually going at the end of a vlan, which is different to the firewall's inside vlan number. I don't know if this is actually the problem because the server can't connect out even if connected directly into the firewall.
View 32 Replies View RelatedInternet ISP -> Juniper SRX 210 Ge-0/0/0
Juniper fe0/0/2 -> Cisco ASA 5505
Cisco ASA 5505 - >Inernal LAN switch.
1. Internet is connected to Juniper Ge0/0/0 via /30 IP.
2. Juniper fe0/0/2 port is configured as inet port and configured the Internal public LAN pool provided by the ISP. And this port is directly connected to Cisco ASA 5505 E0/0. Its a /28 pool IP address. This interface is configured as outside and security level set to 0.
From Juniper SRX, am able to ping public Internet IPs (8.8.8.8).
Issue:
1. From ASA am unable to ping public ip configured on Juniper G0/0/0 port.(/30)
2. From ASA no other Public internet IP is pinging.
Troubleshooting Done so far.
1, Configured icmp inspection on ASA.
2. Used the packet tracer in ASA, it shows the packet is flowing outside without a drop.
3. Allowed all services in untrust zone in bound traffic in Juniper SRX.
4. Viewed the logs when I was trying the ping 8.8.8.8 in ASA. It says "Tear down ICMP connection for faddrr **** gaddr **
Is it easy to setup a paid wifi hotspot or would I need knowledge of advanced networking? I've been searching around and I've found software that do that, I prefer doing it free.
View 1 Replies View Relatedim experiencing very slow transfer rates averaging 600 kb/s when transfering files. my PC has a compatible dwa-552 card and both the router and card have latest drivers / firmware. i have various changes on the router and to no avail. all devices PC / laptops running N @ 20 mhz / channel 11. i can see 2 other networks but very low signal using diff channels.what setting might i be overlooking in the router that might cause this slow trans rate? incidentally, when i transfer .jpg or .pdf files the transfer improves to 2.5 mb/s. however, when i transfer a folder containing subfolders with diff file types the trans rate drops sharply to 600 kb/s.
View 14 Replies View RelatedI'm trying to troubleshoot an ASA5505.
The original goal was to block "Mumble/Murmur" (a voip app) traffic, which runs on TCP/UDP 64738, both inbound and outbound, except to a certain host (63.223.117.170).
However, when nothing I tried seemed to make a difference, just to troubleshoot, I decided to try blocking all inbound traffic. I first disconnected ethernet port 0/0 to ensure that it was cabled correctly and the outside interface went down when I did. That worked as expected, so I confirmed I had the right interface and it was cabled correctly.
I then applied a "any any deny ip" rule as the first element in the outside interface access_list, as you can see below. However, it appears to have had no real effect and the hit count is very low (it should be astronomical).
show ver
Cisco Adaptive Security Appliance Software Version 9.0(2)
Device Manager Version 7.1(2)
Compiled on Thu 21-Feb-13 13:10 by builders
System image file is "disk0:/asa902-k8.bin"
[Code].....
how many users supports the 2600 series ap air voice, video, and data average any document or link
View 3 Replies View RelatedI have a 3560 switch where I have 4 ports connected, one is to our WAN provider - 10Mbps and the other three are connected to different customers who I want to get an equal share of the 10Mbps bandwidth.I'm fairly clued up about configuring modular QoS but I'm being thrown by the fact that you can't apply a service-policy outbound on the ethernet ports.
View 3 Replies View RelatedIs it possible to use Cisco Band Select on a Cisco 5508 WLAN controller and still disable the 802.11b data rates?
View 2 Replies View RelatedE4200 with an external hard drive WD My Book (1TB) connected to the router via USB.Desktop PC (Windows 7) connected to router via Ethernet cable.Laptop PC (Windows 7) connected to router via wireless connection.I wanted to create a central media (videos/pictures) file on the external hard drive connected to the router. However, the transfer rate is terribly slow. Interestingly, it is 50KB/second when copying from the Desktop (via Ethernet) and 1.6Mbps when copying from the Laptop via wireless.
View 9 Replies View RelatedI'm using an RFC 1483 Bridged adsl connection on a WAG54GS router. Downstream rate says 2043 Kbps, and upstream rate only 35 Kbps. In the router setup page I have not found any place to change downstream/upstream rates. How can I increase \the upstream rate?
View 2 Replies View RelatedHardware Software profile;
Laptop - Windows 7
Desktop - Vista Ultimate SP2
Router - Cisco Linksys E3200
Cables - CAT6
I am a sales engineer, so I use my desktop and laptop all the time. When on road, I sync my desktop with my laptop using a program called ViceVersa. This a very good, reliable syncing program that I have been using for over 10 years ( with upgrades ).
The program allows me to sync my desktop and laptop. The program also shows the data transfer rate during the syncing process. The typical data transfer speed is between 5MB/s and 10MB/s with sometimes up to 12MB/s. A typical sync between the computers will take about 3 - 5 minutes at the ~ 10 MB/s transfer rate using ethernet CAT6 cable inteface. At about 11pm last Tuesday,there was a Windows update on both my Vist and Win7 computers. On wednesday, I went to do a typical sync. The system has dramatically slowed to 59KB/s max. This is about 150 times slower than 5-10MB/s that I was used to for so many years. My typical sync was now taking about 2 hours....unacceptable ! I have tried everything to figure out what is going on and how to fix it but nothing has worked.
Then I tried to see what would happen if I disconnected my ethernet cable ( between the router and the laptop only ) and just sync using the wireless network. With that configuration, the transfer rate is ~ 2.5 MB/s which is not great but is much, much better than 59KB/s. I actually do not know what a reasonable wireless transfer rate should be since I never really did it before due to the faster speed of the wired configuration.
This is just a LAN. Only connecting my Desktop to my Laptop via the Cisco router.
How I can get my wired configuration back up to the 5-10MB/s transfer rate that it once was?
We recently did a forklift upgrade on our campus and installed 3502i's, 3502e's, and 11 5508 WLC's. Our students are complaining about slow connections in several areas of the campus.In our testing and basic trouble shooting our Apple laptops have no problems but our windows laptops are showing a very slow connection rates 264kbps downloand and 366kbps upload. The window device has current drivers installed.
View 14 Replies View RelatedIs it possible to use IP "aliases" on an ASA5505 to use as static NAT public IPs to private IPs? For example, I have int e0/0 connected to my ISP using a /30 subnet and I have my private LAN connected to e0/1 with a /24 subnet. At the moment I can use the one usable IP from the /30 to NAT to the private LAN. The ISP is also routing a /28 subnet to the one public IP of the ASA. I would like to use some of the /28 IPs for NAT also. Can it be as easy as just adding the NAT commands? I figure I would have to add that subnet to the ASA somehow, no? In other devices (including the SA520) they use a concept called IP aliases whereby you define what additional IPs the device can use in its NAT config. Does the ASA support aliases? Maybe I have to do something with VLANs?
View 2 Replies View Relatedit is possible use 1 or 2 Gb memory with ASA 5505 or only 512 Mb ?
View 3 Replies View RelatedI have 1 network that I'm trying to make secure, and it needs to access 2 seperate networks. I tried using an ASA5505 that I had on the shelf to accomplish this but discovered that I had the basic license and that was prohibiting me from getting my connection to my 3rd network. I scrapped that idea and grabbed an old pix 501 off the shelf to bring my connectivity to my 3rd network online since the 3rd network is only passing ip traffic to a small group of servers on the outside I figure the 501 should be just fine.
So, here's the problem I am running into:My internal network is 10.10.16.0/16, I have a new domain controller with DHCP on it handing out addresses in the 10.10.16.0/24 range.External Network 1 is 192.168.16.0/24. The services I need from that network are primarily in 192.168.0.0 range, however there is a comcast router 75.123.123.123 (Changed of course) that provides high speed internet I need for my www traffic.External Network 2 is 10.1.1.0/16 I have about 4 servers I need to access on this network and that's it. This network has it's own domain and DHCP controller and I've been given a range of ip's to use on this network of 10.1.3.180-10.1.3.189 My switch is just a plane jane 3com switch with minimal management so I am attempting to use my ASA5505 to handle my layer 3 routing.
So here's my issue:ASA5505 (IN:10.10.16.1, OUT: 192.168.16.6): Passes traffic to External Network 1 and to the comcast router, no problem. All my computers on my 10.10.16.0/16 network have access to everything on 192.168.0.0/24 as well as getting full name resolution and www traffic across the comcast router. Can NOT access 10.1.1.0/16 no matter what. From inside the ASA or from on the inside LAN ports. It CAN ping the PIX 501 PIX 501 (IN:10.10.16.3, OUT: 10.1.3.180) Can ping EVERYTHING. Can ping 192.168.0.0/24, can ping 10.10.16.0/16 and can ping 10.1.1.0/16. Set to globally assign the other IP's in my range as addresses for outgoing traffic.Workstations (IN: 10.10.16.XXX DHCP, using 10.10.16.1 as gateway) Can only access everything on External Network 1. ZERO access to External Network 2. ATM I have both INSIDE and OUTSIDE ACL's wide open for both firewalls just to get connectivity going. I will be tightening it up after it is operational.Attached find a log file (Sensetive data removed of course) that contains the sh run and sh ver for both the ASA5505 and the PIX 501.
I just got an ASA 5505 with Cisco Adaptive Security Appliance Software Version 8.0(4) alredy loaded on it. Should I update/upgrade it to the newest IOS release, or is the 8.0(4) good and stable?
View 3 Replies View Related