<div>
Have you checked speed / duplex on the interfaces of the Pix, and internal hosts?
</div>


Have you checked speed / duplex on the interfaces of the Pix, and internal hosts?

<div>
Ok, Checked the ports and everything is set to auto and full duplex. 
</div>


Ok, Checked the ports and everything is set to auto and full duplex.

<div>
Hmm. I'll have to look into that. It's something I haven't had to do yet.
</div>


Hmm. I'll have to look into that. It's something I haven't had to do yet.

<div>
We eventually had to replace the equipment. Part of the problem I feel was the Sys admin's use of a rogue bin file to reflash the PIX. 
</div>


We eventually had to replace the equipment. Part of the problem I feel was the Sys admin's use of a rogue bin file to reflash the PIX.

<div>
<div class="content wysiwyg-content">
For our security I'm going to be a little generic in this description. I just need to know what *might* be happening so I can look into it. Here's the deal...<br />
<br />
We have a Cisco pix firewall and a 2900 XL switch outside of that firewall that connects a WAN to our location. A separate switch with multiple VLANS is also attached to the PIX. The issue is that access to web servers attached to the 2900 XL are painfully slow. If the web server is serving up only static HTML the speed is fine, but for the two web servers that hit a database to display content the speed is so bad it can 5 to 10 minutes to load the first and every page. <br />
<br />
Here's the kicker. If these servers are accessed from outside system (ie, not coming from an internal VLAN) the speed is fine. What could be causing this issue? 
</div>
</div>


For our security I'm going to be a little generic in this description. I just need to know what *might* be happening so I can look into it. Here's the deal...

We have a Cisco pix firewall and a 2900 XL switch outside of that firewall that connects a WAN to our location. A separate switch with multiple VLANS is also attached to the PIX. The issue is that access to web servers attached to the 2900 XL are painfully slow. If the web server is serving up only static HTML the speed is fine, but for the two web servers that hit a database to display content the speed is so bad it can 5 to 10 minutes to load the first and every page. 

Here's the kicker. If these servers are accessed from outside system (ie, not coming from an internal VLAN) the speed is fine. What could be causing this issue? 

Internal websites outside firewall are slow

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

A switch is a device that filters and forwards packets of data between LAN segments. Switches operate at the data link layer or the network layer of the Open Systems Interconnection (OSI) Reference Model and therefore support any packet protocol. LANs that use switches to join segments are called switched LANs or, in the case of Ethernet networks, switched Ethernet LANs. A hub is a connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports; when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all packets.

Switches / Hubs

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.