Cisco Firewall :: Only 30Mb/s Throughput On 881?
Mar 31, 2011
I have a Cisco 881 (without wifi model) connected to a 100Mb unmanaged switch and a cable modem with a 120Mb down, 10Mb up connection. When I connect the modem directly to my laptop, I can reach the 120Mb/s down and 10Mb/s upload speed. When I connect the modem to the 881, the max download is about 30Mb/s. Upstream 10Mb is no problem. I've been trying to change the duplex and speed settings on the FastEthernet4 interface, but this has only a worsening effect. I should be able to get about 100Mb/s (since switch is only 100) right?
JAAPROUTER_HQ2#sh ruBuilding configuration...
Current configuration : 3515 bytes!version 12.4no service padservice timestamps debug datetime msecservice timestamps log datetime msecservice password-encryption!hostname JAAPROUTER_HQ2!boot-start-markerboot-
[Code].....
View 1 Replies
ADVERTISEMENT
Feb 27, 2013
I'd like to see some REAL LIFE comparisons of ASA firewall throughput (a bit like this one for ISR G2 Routers - [URL].
The reason I ask is that I recently upgraded a firewall from an ASA5505 to an ASA5520 on a small network where the only outside connectivity was a single 10meg Internet circuit with an IPSEC VPN (not landed on the firewall but on a router) to another site.
When I swapped out the firewall the users noticed a big improvement. The firewall is not doing anything out of the ordinary - no IPS or VPN, just standard state full inspection.
View 5 Replies
View Related
Aug 16, 2011
you have a Cable Modem and are paying for 30MB/sec download or better service, but the network connection on the cable modem is only 10/100; all very common today.Your network connection is showing it's connected at 100 (computer - router - cable modem)....now on the technical side, remember that a 100 MB network connection can only transfer data at a maximum rate of 12.5 MB/sec (not something the normal home user knows or even thinks about).So here's the question; why would you pay for 30MB/sec download speeds when the cable modem itself can only transfer (in theory) 12.5MB/sec to you over the network?
View 3 Replies
View Related
Mar 30, 2012
Just upgraded to the 30mb cable modem. When I hook my laptop up via cat5 and run a test I get like 28mbps. Via my router I only get like 11mbps tops. What do I need to do to get more speed via router?
View 8 Replies
View Related
Mar 12, 2013
Why does my F5D5230 Router restrict my network connection speed ? I have a 30 mb connection to my cable modem when connected to my computer,but when I install the router my connection speed drops to 5mb.
View 1 Replies
View Related
Jun 18, 2011
The issue was about Cisco ASA5510 Sec Plus.2 Interfaces, LAN and DMZ.Both 1000 FD, no interface errors like CRC or something similar.If I start a data transfer (like FTP) or a data stream test (like Netperf), from DMZ to INSIDE I get a theoughput.If I start the same from INSIDE to DMZ (same hosts), i get a troughput almost ten times slower.If i do the same using netperf in UDP (not TCP) I get the same in both directions.
View 9 Replies
View Related
Jan 31, 2012
Do some have some realistic performance numbers for a ASA 5505 on a mixed setup with local internet breakout and site to site vpn ( and don't tell me 150 mbps 3des throughput on a 100 mbps ethernet) - what can be expected in a live environment where we f.ex feed it with a 100 mbps internet connection - with a site to site vpn with f.ex 20 office workers running office on a remote terminalserver and mixed local internet breakout.
View 2 Replies
View Related
Mar 3, 2013
I'm new to the Networking world and am trying to establish a base for my network. I'm running ASA 5510 8.4(4), how can I measrue throughput ? In the ASDM, there is a nice feature for CPU, and the command show CLI also provides good info about CPU, but how can I get the throughput on a port basis ?
View 8 Replies
View Related
Oct 3, 2011
What is the difference between IP throughput routing throughput and firewall throughput
the reason is i am trying to spec a router for a mate who is setting up an online server for an old game ultima online which will have around 300-400 people each pulling around 10kb/sec
I recommended an 880 service router but when he spoke to a guy at the shop they said this would only run at 25mb/sec and he is plugging in to a 100MB/sec line
But the current router that is a home dlink which cost at most 60 Euros on a speed tester can pull 95mb/secI just don’t get how a 60 Euros router can download quicker than a 300-400 Euro router
They said try a ASA5505 that can do 150MB/sec of firewall throughput
View 1 Replies
View Related
Feb 4, 2013
I'm not clear about the capabilities of the ASA 5510 GigE interfaces (eth0/0 and eth0/1) with an without IPSEC tunnels enabled.
This page [URL] shows a figure of 170Mbps 'Maximum 3DES/AES VPN Throughput'. Does that mean per IPSEC tunnel or for the whole interface if it is IPSEC-enabled?
View 3 Replies
View Related
Jan 19, 2012
Looking at the ASA spec sheets, the ASA 5510 has a firewall throughput of 300Mbps. Does this mean 300Mbps half duplex or full duplex?
We are looking to replace our current firewall. Peak traffic at the moment is 250Mbps upstream and 20Mbps downstream, max concurrent sessions is 24K. Will I need to look at a ASA 5520 for the replacement?
View 1 Replies
View Related
Nov 14, 2011
I'm having a throughput problem with a new ASA 5540 running version 8.2 (1). When trying to access a database server using tcp port 1521 (sqlnet) it is about 10 to 20 times slower than when the database is not behind the firewall. We've been running the same software on a database behind an ASA 5520 running version 8.0 (3) with no problems for years. When I check the cpu usage on the 5540 at the ASDM home page, it is rarely above 20% and never above 30% while this is being tested. I tried testing ftp throughput over the same interface and it was normal with ~320 Mbps average rate transferring a 500 MB file.
View 6 Replies
View Related
Aug 31, 2011
I have a asa5580 with multiple interfaces. To replicate me databases to another site, I mainly use two interfaces on that firewall. Those interfaces have a steady pace, around 95%.
I am wondering when I should consider that the thoughput between those two interfaces is too much? Is there a good document that could explain me clearly why?
Also I want to be sure that I won't affect the normal traffic between the other interfaces. Is there a way to garantee certain traffic over others on an ASA? I don't have any router in me setup layer 3 role is perform by asa firewalls (static routes).
View 1 Replies
View Related
Apr 25, 2013
How do i measure the total throughput going via 5585-X.It has the firewall througput of 5Gbps. Looking at aggregate of all the interfaces traffic going through it seems about 4gbps is going through.
I use show traffic command and add up the trasmit and receive traffic on each live interface.Is that correct method and are there any more commands?
View 1 Replies
View Related
Aug 23, 2011
I have a Cisco PIx firewall that is connected to a cable modem with Time warner cable. I am supposed to have 35 down and 5 up for my speed on that modem. When I bypass the firewall and connect directly to the cable modem, I get download speeds in excess of 30 and upload speeds of about 5. However, when I connect via my workstation, which goes through the PIX, I am lucky to get speeds in the 1.2 for a download and 2-3.5 for the upload. I am using a laptop to test. We have gigabyte Cat5e cabling and gigabyte switches.
Below are statements from the config.The interface lines are per below:
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 auto shutdown
MTU outside 1500
How can i adjust this so I can make use of the 30 speed of the modem?
View 2 Replies
View Related
Jul 12, 2007
What the Firewall throughput is for the BEFSX41.
View 9 Replies
View Related
Apr 11, 2013
I was looking for document where the VPN throughput of the Cisco886/887 Router is listet.
View 2 Replies
View Related
Jan 18, 2011
I need to provide a router to connect Internet circuit and run IPsec to MPLS network. Circuit is 10Mbps.
What is the max a Cisco 881 can handle if running IPsec?Also, if you are aware of any branch router (1941) which allows connection to future 4G LTE .
View 3 Replies
View Related
Apr 23, 2013
We have a 1841 setup with WAN and LAN subinterfaced(2 WAN connections, 1 internal VLANs) and I am recieving some pretty horrible throughput when traversing the router to the WAN.
I am receiving about 2 MBPS down but around 5 up.Currently there is a ACL on the WAN interface, and as well we are running NAT NVI. It is possible that this might have something to do with it, but I am not sure.
Most of the CPU is going to IP input however I cannot seem to determine the cause. One thing I am thinking is the overload for NVI is using a route-map. Could that cause it to process switch instead of fast/CEF switch?
View 4 Replies
View Related
Mar 17, 2013
My first wireless router, which I still have and works perfectly, was a DIR-601, A1, fw v1.00na. It has always been reliable and worked great, save for being a little weak on the signal range. Back when I got it I knew little about networking period, let alone wireless routers- so I never tweaked anything on it. Now it's almost 4 years later. Being a little more knowledgable, and my family creating A LOT more traffic on my network, I decided some upgrades were in order. First I called COX to upgrade my speed too, which led me to having to purchase a new Motorolla SB6121 modem- and everything was great. However, aside from the same old dead spots in my house, I was starting to realize the limitations of my 601 with regards to handling the traffic load. Since I never had an issue with my 601, I decided to stay loyal to D-Link. After, albeit, a small amount of research... I decided on the 655. It fit the budget, and I read some decent reviews on it regarding gaming. Plus, from what I've read, I didn't really see any benifit to justify a dual band router for what I do. Anyway, my new 655, B1, fw v2.05NA has solved all of my wireless issues and handles our traffic perfectly, except for one slight problem- my wired PS3. I have Cox ultimate, which here in Nevada is up to 150Mbps, and wired my laptop is getting 107Mbps download- pretty consistently with the 655, and around 100 with the 601. My PS3 on the other hand, went from 27 to 32Mbps wired with my 601, to only getting 8 to 15Mbps wired to the 655- and a lot of lag on certain online games. It seems that out of all of our devices, my PS3 is the only one that doesn't like the 655. I really hesitate to DMZ my PS because of the risks, but at this point I'm almost desperate enough to try anything. I hooked the 601 back up for now for the PS3 performance...but we are REALLY missing the wireless and traffic handling performance of the 655!!
View 2 Replies
View Related
Jan 25, 2013
When a physical switchport/routed port has high usage, you can move the link to a higher capacity port, upgrade the port, bond links, etc. What exactly do you do when an SVI has high usage? I guess you could remove some servers from the VLAN, but that doesn't seem like a reasonable solution. What dictates the capacity of an SVI? The backplane of the switch?
View 14 Replies
View Related
Jun 2, 2011
i have gotten a question from a partner in regards to the throughput on both LAN and WAN on the SRP541W. I can't really find that on the datasheet.
View 4 Replies
View Related
Jun 12, 2012
We are looking at providing an ISR 819 for one of our customers using FTTC & 3G for failover .. However, I cant seem to find any recommended throughput guidence for the device? We could be looking at up to 80Mbps via the ethernet interface and I just dont know if the device will cope?
View 4 Replies
View Related
Jun 13, 2012
We have multiple sites that have either fiber 20mb d/u or cable 50/10 d/u. Recently we have upgraded our head end router to a 2921 security based router and noticed that no matter if we are sending or receiving the most we can push is 1.6Mb. I would expect this number to be at least 8Mb for uploading and at least 18mb for downloading from other sites.I have included parts of my config and screen shots of bandwidth usage for troubleshooting. [code]
View 3 Replies
View Related
Jan 12, 2011
We've recently moved from using FiberChannel across an OC-48 between two data centers to GigabitEthernet. Data replication throughput has dropped from 700Mbps down to 45Mbps. The telco provider has demonstrated 1Gb throughput via UDP andTCP using T-Berts. However, when we connect two computers or servers, we do not get near the throughput performance.
View 1 Replies
View Related
Nov 22, 2012
we have one OC-24 private line between our data centers. we are looking to get best throughput but we get max. avg throughput of 300Mbps with peaks of 800Mbps throughput. i.e. we transfered 2TB of data over this link and we got average throughput of 300Mbps with peaks of 800Mbps.
we should at least be getting 800Mbps throughput since we have OC-24 (1244Mbps) private line. we contacted our ISP but they said there isn't any problem in private line from ISP side. what can we do to increase average throughput?
View 10 Replies
View Related
Feb 10, 2013
We currently are using 2811 router for internet Via IPSEC tunnel.Download speed is 30 Mbps and Upload speed is 6 Mbps.
But we are getting not more than 4 Mbps download speed. We did open Tac case and as per Tac 2811 router is not for 30 Mbps.Can any suggest proper model. We need 2 FastEthernet/Gig and one serial port.
View 2 Replies
View Related
Jan 17, 2013
We have 15 small branches with Cisco 881w in every office, they use VPN site-to-site to vpn- concentrator on V yatta. I launched cacti monitoring of cisco 881's CPU's Errors, Traffics, Non-uni cast, Uni cast. I see that on 10.00 pm in one brunch when nobody works there, CPU load reaches 50% and traffic rises up to 9mbs.
View 10 Replies
View Related
Apr 20, 2012
what is network utilization and throughput ?
View 1 Replies
View Related
Jan 7, 2011
I have two NAS drives directly connected to my router. I am accessing them through my XP laptop's wireless connection. I am trying to copy a large volume of data from one to the other (28Gb).The problem I have is throughput. I am barely getting 250Kb/s from one drive to the other.Is there a way to speed this up?
View 2 Replies
View Related
Apr 19, 2012
recently we had some performance issues with C2811 which caused us to do some lab testing. For testing we used also C1812. The results were quite surprising for us, as the C1812 appeared to be more efficient than C2811. Below you can see the lab scenario and results.
1. Why C2811 is performing worse than C1812?
2. Is there any official Cisco reference stating what are the max VPN throughputs of certain platforms/models? (we consider migration to C2900 platform and would like to choose the right model)
[URL]
as presented on the small diag:
All routers had enabled onboard hw VPN modules and SEC/K9 IOS ver. Configuration was very simple and beside encryption there were also GRE tunnels configured and EIGRP process for routing between "remote LANs". Part of conf responsible for encryption:
crypto isakmp policy 10 encr aes 256 authentication pre-share group 5 lifetime 3600crypto isakmp key ......... address ......... no-xauth!crypto ipsec transform-set SHA-AES256 esp-aes 256 esp-sha-hmac
crypto map VPN 90 ipsec-isakmp set peer ......... set transform-set SHA-AES256 set pfs group5 match address .........
TEST RESULTS
Cisco 1812Cisco 2811iperf generated BW [bps]WAN if BW (max of 30s avgs) [bps]CPU usage (max of 5s avgs)WAN if BW (max of 30s avgs) [bps]CPU usage (max of 5s avgs)500k--540k5%1M1,1M3%1,2M8%2M2,1M4%2,3M14%5M5,4M10%5,7M34%10M10,6M20%11,5M65%15M15,8M28%17M96%16M--17,2M99%25M27M48%--35M38M64%--45M48,2M72%--53M60,8M88%--59M67M94%--61M72M97%--
View 4 Replies
View Related
Nov 1, 2012
What is a backplane throughput of C3925-SPE100, I tried searching in datasheet but could not find
View 3 Replies
View Related
Sep 25, 2012
Any way to test throughput on a routed SG-300. I tried using iperf with netbook on VLAN1 to netbook on routed interface running @ 100mb. I was getting results as low as 40mb upto 200mb (sometimes even 2gb, I assumed these to be flukes). Since implementing it, the throughtput seems worse, I'm getting between 10 - 40mb of throughput. I have about 30 clients behind it routing across a 100mb leased link. I don't see why the SG300 shouldn't be able to do wire speed routing (upto 100 hosts). How to verify the expected throughput consistently?
View 3 Replies
View Related
