CP slowing down net connection

[Bikky]

Hi.

I'm running CP-FW1 NG fp5 with floodgate module. Initially we had an 8mb internet connection and had floodgate setup for this. Since then we've moved to an 80mb connection and noticed that we're still only getting about 75Kb download speed.

I've adjusted the interface speeds and floodgate to allow for the new connection but still getting really slow throughput. If i plug in outside the firewall, i see upto 2Meg download speed, but inside the firewall i see less than 100K.

Any ideas anyone?


Thanks.

[chillyjim]

FP5? Do you mean NG-AI R55?

It sounds like you have too much SmartDefence turned on for the hardware its running on.

First thing I would suggest is upgrading to NGX R65 and reading the SmartDefense guide, use only the features you need.

[Thorpuse]

Also... try turning off FloodGate and/or Smartdefense to see whether either makes a difference. TBH, I can't understand why you would want or need Floodgate with a link of that size. Floodgate only kicks in when the link is at full utilisation, and if you have an 80Mb link at full utilisation I'd be more interested at what traffic is causing the saturation that trying to rate-limit it.

[Bikky]

Well all smart defense is off, and still no improvement (there were only about 12-15 SD rules)

Floodgate was there when we had an 8Mb connection (we have over 3000 staff).

Trying floodgate next (fingers X)

[MarioL]

As said before, I would try to disable as much stuff as possible and check.

Also, monitor the firewall, how is the CPU, RAM, Disk space, etc... maybe you are running short on resources (and if that is the case FG/SmartDefence won't help at all).

[dsb.nepo]

Have you adjusted the per interface settings?

[gateway] -> [Topology] -> [interface] -> [QOS tab]

disable in/outbound weight push qos rule and test again.

With R65 I note that the rules are in Kb even the global properties is set to MB (with R60-R62 this was not the case maybe R65_HFA2 solves this;)