• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1597
  • Last Modified:

Broadband Connection slow using cisco 2600.

I bought a cisco 2600 to connect to my broadband cable connection, I installed the firewall feature set and everything is connected and runs. However, it runst very slowly, compared to just a regular linksys router. I would think the cisco should be faster, so it must be something in the config, I will post it here.

version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Butt-Router
!
enable secret 5 #######################
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip inspect max-incomplete low 100
ip inspect max-incomplete high 1100
ip inspect one-minute low 100
ip inspect one-minute high 1100
ip inspect udp idle-time 15
ip inspect dns-timeout 2
ip inspect tcp idle-time 600
ip inspect tcp synwait-time 10
ip inspect name Ethernet0/0 tcp
ip inspect name Ethernet0/0 udp
ip inspect name Ethernet0/0 cuseeme
ip inspect name Ethernet0/0 ftp
ip inspect name Ethernet0/0 h323
ip inspect name Ethernet0/0 rcmd
ip inspect name Ethernet0/0 realaudio
ip inspect name Ethernet0/0 streamworks
ip inspect name Ethernet0/0 vdolive
ip inspect name Ethernet0/0 sqlnet
ip inspect name Ethernet0/0 tftp
ip inspect name CBAC tcp
ip inspect name CBAC udp
ip inspect name CBAC ftp
ip inspect name CBAC smtp
ip audit notify log
ip audit po max-events 100
!
call rsvp-sync
!
!!
!
!
!
!
!
interface Ethernet0/0
 description connected to Internet
 ip address dhcp
 ip access-group 101 in
 ip nat outside
 half-duplex
 no cdp enable
!
interface Serial0/0
 no ip address
 shutdown
!
interface Ethernet0/1
 description connected to EthernetLAN
 ip address 192.168.1.2 255.255.255.0
 ip access-group 102 in
 ip nat inside
 ip inspect CBAC out
 full-duplex
 no cdp enable
!
router rip
 version 2
 passive-interface Ethernet0/0
 network 192.168.1.0
 no auto-summary
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static tcp 192.168.1.15 3389 interface Ethernet0/0 3389
ip nat inside source static tcp 192.168.1.15 1723 interface Ethernet0/0 1723
ip nat inside source static tcp 192.168.1.15 4125 interface Ethernet0/0 4125
ip nat inside source static tcp 192.168.1.15 444 interface Ethernet0/0 444
ip nat inside source static tcp 192.168.1.15 443 interface Ethernet0/0 443
ip nat inside source static tcp 192.168.1.15 21 interface Ethernet0/0 21
ip nat inside source static tcp 192.168.1.15 80 interface Ethernet0/0 80
ip nat inside source static tcp 192.168.1.26 6881 interface Ethernet0/0 6881
ip nat inside source static tcp 192.168.1.26 6882 interface Ethernet0/0 6882
ip nat inside source static tcp 192.168.1.26 6883 interface Ethernet0/0 6883
ip nat inside source static tcp 192.168.1.26 6884 interface Ethernet0/0 6884
ip nat inside source static tcp 192.168.1.26 6885 interface Ethernet0/0 6885
ip nat inside source static tcp 192.168.1.26 6886 interface Ethernet0/0 6886
ip nat inside source static tcp 192.168.1.26 6887 interface Ethernet0/0 6887
ip nat inside source static tcp 192.168.1.26 6888 interface Ethernet0/0 6888
ip nat inside source static tcp 192.168.1.26 6889 interface Ethernet0/0 6889
ip nat inside source static tcp 192.168.1.15 25 interface Ethernet0/0 25
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
no ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
!
!
dial-peer cor custom
!
!
!
!
banner motd ^CCC   GO AWAY, UNAUTHORISED ACCESS IS PROHIBITED. SO GO AWAY. !!!
!!!^C
!
line con 0
 exec-timeout 0 0
!
!
!
line con 0
 exec-timeout 0 0
 password 7 ################# logging synchronous
 login
line aux 0
 password 7 #################
line vty 0 4
 login
!
end


I am running Small business server 2003, but I dont think this is causing the slowdown, any suggestions? Thank you so much for your help.
0
nbutterhorn
Asked:
nbutterhorn
1 Solution
 
JFrederick29Commented:
Not sure if this will help with the speed at all but a couple suggestions:

Remove "ip access-group 101 in" from the ethernet0/0 interface as access-list 101 is not defined on the router.  The command is useless.  Same thing on ethernet0/1, remove "ip access-group 102 in".  Also, you typically want the IOS Firewall to inspects packets outbound of your Internet connected interface.  Remove "ip inspect CBAC out" from ethernet0/1 and add it to ethernet 0/0.

Also, posting the interface counters "show int ethernet 0/0" and "show int ethernet 0/1" might be useful.

On Ethernet 0/1, you have it set to "full-duplex", is the hub/switch port connected to ethernet 0/1 set to full duplex also or is it autonegotiate?  Make sure it is set to full duplex or you will get a duplex mismatch and speed will suffer.  If the device is only capable of autonegotiating, set ethernet 0/1 back to autonegotiate.  You may want to set ethernet 0/0 to auto as well.
0
 
nbutterhornAuthor Commented:
YOu rock, I set both to auto, now Im going LIGHT SPEED fast agin, Thank you you get thepoints.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now