Solved

Internal websites outside firewall are slow

Posted on 2008-06-11
5
293 Views
Last Modified: 2010-04-21
For our security I'm going to be a little generic in this description. I just need to know what *might* be happening so I can look into it. Here's the deal...

We have a Cisco pix firewall and a 2900 XL switch outside of that firewall that connects a WAN to our location. A separate switch with multiple VLANS is also attached to the PIX. The issue is that access to web servers attached to the 2900 XL are painfully slow. If the web server is serving up only static HTML the speed is fine, but for the two web servers that hit a database to display content the speed is so bad it can 5 to 10 minutes to load the first and every page.

Here's the kicker. If these servers are accessed from outside system (ie, not coming from an internal VLAN) the speed is fine. What could be causing this issue?
0
Comment
Question by:Stormspace
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:mabutterfield
ID: 21760285
Have you checked speed / duplex on the interfaces of the Pix, and internal hosts?
0
 
LVL 1

Author Comment

by:Stormspace
ID: 21813773
Ok, Checked the ports and everything is set to auto and full duplex.
0
 
LVL 7

Accepted Solution

by:
mabutterfield earned 125 total points
ID: 21816260
have you checked the routing / NATing of connections between them?  

Also, have you tried other types of connections, such as ping, or file transfers to determine latency/throughput. (this may require loosening the rulebase temporarily.)

0
 
LVL 1

Author Comment

by:Stormspace
ID: 21918011
Hmm. I'll have to look into that. It's something I haven't had to do yet.
0
 
LVL 1

Author Closing Comment

by:Stormspace
ID: 31466153
We eventually had to replace the equipment. Part of the problem I feel was the Sys admin's use of a rogue bin file to reflash the PIX.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now