We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Course Of The Month
11 days, 8 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Broadband Connection slow using cisco 2600.
Posted on 2004-08-04
I bought a cisco 2600 to connect to my broadband cable connection, I installed the firewall feature set and everything is connected and runs. However, it runst very slowly, compared to just a regular linksys router. I would think the cisco should be faster, so it must be something in the config, I will post it here.
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Butt-Router
!
enable secret 5 #######################
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip inspect max-incomplete low 100
ip inspect max-incomplete high 1100
ip inspect one-minute low 100
ip inspect one-minute high 1100
ip inspect udp idle-time 15
ip inspect dns-timeout 2
ip inspect tcp idle-time 600
ip inspect tcp synwait-time 10
ip inspect name Ethernet0/0 tcp
ip inspect name Ethernet0/0 udp
ip inspect name Ethernet0/0 cuseeme
ip inspect name Ethernet0/0 ftp
ip inspect name Ethernet0/0 h323
ip inspect name Ethernet0/0 rcmd
ip inspect name Ethernet0/0 realaudio
ip inspect name Ethernet0/0 streamworks
ip inspect name Ethernet0/0 vdolive
ip inspect name Ethernet0/0 sqlnet
ip inspect name Ethernet0/0 tftp
ip inspect name CBAC tcp
ip inspect name CBAC udp
ip inspect name CBAC ftp
ip inspect name CBAC smtp
ip audit notify log
ip audit po max-events 100
!
call rsvp-sync
!
!!
!
!
!
!
!
interface Ethernet0/0
description connected to Internet
ip address dhcp
ip access-group 101 in
ip nat outside
half-duplex
no cdp enable
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
description connected to EthernetLAN
ip address 192.168.1.2 255.255.255.0
ip access-group 102 in
ip nat inside
ip inspect CBAC out
full-duplex
no cdp enable
!
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static tcp 192.168.1.15 3389 interface Ethernet0/0 3389
ip nat inside source static tcp 192.168.1.15 1723 interface Ethernet0/0 1723
ip nat inside source static tcp 192.168.1.15 4125 interface Ethernet0/0 4125
ip nat inside source static tcp 192.168.1.15 444 interface Ethernet0/0 444
ip nat inside source static tcp 192.168.1.15 443 interface Ethernet0/0 443
ip nat inside source static tcp 192.168.1.15 21 interface Ethernet0/0 21
ip nat inside source static tcp 192.168.1.15 80 interface Ethernet0/0 80
ip nat inside source static tcp 192.168.1.26 6881 interface Ethernet0/0 6881
ip nat inside source static tcp 192.168.1.26 6882 interface Ethernet0/0 6882
ip nat inside source static tcp 192.168.1.26 6883 interface Ethernet0/0 6883
ip nat inside source static tcp 192.168.1.26 6884 interface Ethernet0/0 6884
ip nat inside source static tcp 192.168.1.26 6885 interface Ethernet0/0 6885
ip nat inside source static tcp 192.168.1.26 6886 interface Ethernet0/0 6886
ip nat inside source static tcp 192.168.1.26 6887 interface Ethernet0/0 6887
ip nat inside source static tcp 192.168.1.26 6888 interface Ethernet0/0 6888
ip nat inside source static tcp 192.168.1.26 6889 interface Ethernet0/0 6889
ip nat inside source static tcp 192.168.1.15 25 interface Ethernet0/0 25
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
no ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
!
!
dial-peer cor custom
!
!
!
!
banner motd ^CCC GO AWAY, UNAUTHORISED ACCESS IS PROHIBITED. SO GO AWAY. !!!
!!!^C
!
line con 0
exec-timeout 0 0
!
!
!
line con 0
exec-timeout 0 0
password 7 ################# logging synchronous
login
line aux 0
password 7 #################
line vty 0 4
login
!
end
I am running Small business server 2003, but I dont think this is causing the slowdown, any suggestions? Thank you so much for your help.
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Butt-Router
!
enable secret 5 #######################
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip inspect max-incomplete low 100
ip inspect max-incomplete high 1100
ip inspect one-minute low 100
ip inspect one-minute high 1100
ip inspect udp idle-time 15
ip inspect dns-timeout 2
ip inspect tcp idle-time 600
ip inspect tcp synwait-time 10
ip inspect name Ethernet0/0 tcp
ip inspect name Ethernet0/0 udp
ip inspect name Ethernet0/0 cuseeme
ip inspect name Ethernet0/0 ftp
ip inspect name Ethernet0/0 h323
ip inspect name Ethernet0/0 rcmd
ip inspect name Ethernet0/0 realaudio
ip inspect name Ethernet0/0 streamworks
ip inspect name Ethernet0/0 vdolive
ip inspect name Ethernet0/0 sqlnet
ip inspect name Ethernet0/0 tftp
ip inspect name CBAC tcp
ip inspect name CBAC udp
ip inspect name CBAC ftp
ip inspect name CBAC smtp
ip audit notify log
ip audit po max-events 100
!
call rsvp-sync
!
!!
!
!
!
!
!
interface Ethernet0/0
description connected to Internet
ip address dhcp
ip access-group 101 in
ip nat outside
half-duplex
no cdp enable
!
interface Serial0/0
no ip address
shutdown
!
interface Ethernet0/1
description connected to EthernetLAN
ip address 192.168.1.2 255.255.255.0
ip access-group 102 in
ip nat inside
ip inspect CBAC out
full-duplex
no cdp enable
!
router rip
version 2
passive-interface Ethernet0/0
network 192.168.1.0
no auto-summary
!
ip nat inside source list 1 interface Ethernet0/0 overload
ip nat inside source static tcp 192.168.1.15 3389 interface Ethernet0/0 3389
ip nat inside source static tcp 192.168.1.15 1723 interface Ethernet0/0 1723
ip nat inside source static tcp 192.168.1.15 4125 interface Ethernet0/0 4125
ip nat inside source static tcp 192.168.1.15 444 interface Ethernet0/0 444
ip nat inside source static tcp 192.168.1.15 443 interface Ethernet0/0 443
ip nat inside source static tcp 192.168.1.15 21 interface Ethernet0/0 21
ip nat inside source static tcp 192.168.1.15 80 interface Ethernet0/0 80
ip nat inside source static tcp 192.168.1.26 6881 interface Ethernet0/0 6881
ip nat inside source static tcp 192.168.1.26 6882 interface Ethernet0/0 6882
ip nat inside source static tcp 192.168.1.26 6883 interface Ethernet0/0 6883
ip nat inside source static tcp 192.168.1.26 6884 interface Ethernet0/0 6884
ip nat inside source static tcp 192.168.1.26 6885 interface Ethernet0/0 6885
ip nat inside source static tcp 192.168.1.26 6886 interface Ethernet0/0 6886
ip nat inside source static tcp 192.168.1.26 6887 interface Ethernet0/0 6887
ip nat inside source static tcp 192.168.1.26 6888 interface Ethernet0/0 6888
ip nat inside source static tcp 192.168.1.26 6889 interface Ethernet0/0 6889
ip nat inside source static tcp 192.168.1.15 25 interface Ethernet0/0 25
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0/0
no ip http server
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 permit ip any any
!
!
dial-peer cor custom
!
!
!
!
banner motd ^CCC GO AWAY, UNAUTHORISED ACCESS IS PROHIBITED. SO GO AWAY. !!!
!!!^C
!
line con 0
exec-timeout 0 0
!
!
!
line con 0
exec-timeout 0 0
password 7 ################# logging synchronous
login
line aux 0
password 7 #################
line vty 0 4
login
!
end
I am running Small business server 2003, but I dont think this is causing the slowdown, any suggestions? Thank you so much for your help.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
Not sure if this will help with the speed at all but a couple suggestions:
Remove "ip access-group 101 in" from the ethernet0/0 interface as access-list 101 is not defined on the router. The command is useless. Same thing on ethernet0/1, remove "ip access-group 102 in". Also, you typically want the IOS Firewall to inspects packets outbound of your Internet connected interface. Remove "ip inspect CBAC out" from ethernet0/1 and add it to ethernet 0/0.
Also, posting the interface counters "show int ethernet 0/0" and "show int ethernet 0/1" might be useful.
On Ethernet 0/1, you have it set to "full-duplex", is the hub/switch port connected to ethernet 0/1 set to full duplex also or is it autonegotiate? Make sure it is set to full duplex or you will get a duplex mismatch and speed will suffer. If the device is only capable of autonegotiating, set ethernet 0/1 back to autonegotiate. You may want to set ethernet 0/0 to auto as well.
Remove "ip access-group 101 in" from the ethernet0/0 interface as access-list 101 is not defined on the router. The command is useless. Same thing on ethernet0/1, remove "ip access-group 102 in". Also, you typically want the IOS Firewall to inspects packets outbound of your Internet connected interface. Remove "ip inspect CBAC out" from ethernet0/1 and add it to ethernet 0/0.
Also, posting the interface counters "show int ethernet 0/0" and "show int ethernet 0/1" might be useful.
On Ethernet 0/1, you have it set to "full-duplex", is the hub/switch port connected to ethernet 0/1 set to full duplex also or is it autonegotiate? Make sure it is set to full duplex or you will get a duplex mismatch and speed will suffer. If the device is only capable of autonegotiating, set ethernet 0/1 back to autonegotiate. You may want to set ethernet 0/0 to auto as well.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Over the past few years, small business and home owners have become so dependent on internet that a need for redundancy has arisen.
What happens when your small business or home / home office loses its internet connection? The results c…
Sometimes you have to pull out old tricks to get a new firewall to work…
While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working. It seemed random and we could not understa…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month11 days, 8 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.