Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Having problems with internet speed / access; firewall related?

Posted on 2010-01-12
9
Medium Priority
?
320 Views
Last Modified: 2012-05-08
Over the past 2 days we have run into problems with severe slowdown of our internet.  First it was not allowing any https:// pages to load, now it is taking forever or timing out on everything.  I am running into issues with trying to figure out what the problem is.  I think it has to do with the ISA 2006 causing some problems.  Odds are while trying to fix the https:// problem, i caused this one.  Looking for information on how to figure out where the communication problem is.  
0
Comment
Question by:krugar77
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 2

Expert Comment

by:Brian702
ID: 26296586
You need to go into trouble shooting mode and forget about security. Disable antivirus and firewalls. Plug a laptop directly into the cable modem.. still having issues then its your ISP? If not then plug a laptop directly into the router and see if you are still experiencing any slow connection speeds. If you are then its the router.. then try disabling the firewall on the router.

If your still having issues start looking into your switches and your DNS server. Update this and let me know whats going on.

0
 
LVL 11

Expert Comment

by:Patmac951
ID: 26296599
The first thing I would do would be to check the logs on your Router/Firewall to determine if this slow down is related to a massive amount of traffic.  This could be a DOS (denial of service) attack
0
 

Author Comment

by:krugar77
ID: 26296770
It does not look like some DOS attack.  I think the problem has to lie in the firewall policy.  The problem 1st came up when i was allowing traffic to a website.  I accidentally changed "This rule applies to" and switched it to "all outbound traffic except selected".  I switched it back to "Selected Protocols" and since then, there has been this issue of slowdown.  
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
LVL 11

Expert Comment

by:Patmac951
ID: 26296861
I am not sure what type of firewall you are using but many applications make a backup of your configuration after it has been changed.  If possible to prove your theory can you restore the configuration back prior to your changes?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 26297146
Provide the output from an ipconfig /all on the ISA server. Lets check the basics. If the only change you have made prior to the performance hit is on the ISA box then this is likely where we will find the issue.

keith - ISA Forefront MVP

0
 

Author Comment

by:krugar77
ID: 26297176
Windows IP Configuration

   Host Name . . . . . . . . . . . . : cody
   Primary Dns Suffix  . . . . . . . : amcp.org
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : amcp.org

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port Server Ada
pter
   Physical Address. . . . . . . . . : 00-04-23-78-65-9A

Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Dual Port Server Ada
pter #2
   Physical Address. . . . . . . . . : 00-04-23-78-65-9B

Ethernet adapter External:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet #2
   Physical Address. . . . . . . . . : 00-0B-DB-95-78-A2
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 65.216.192.163
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   IP Address. . . . . . . . . . . . : 65.216.192.162
   Subnet Mask . . . . . . . . . . . : 255.255.255.248
   Default Gateway . . . . . . . . . : 65.216.192.161
   DNS Servers . . . . . . . . . . . : 198.6.1.122
                                       198.6.1.142
   NetBIOS over Tcpip. . . . . . . . : Disabled

Ethernet adapter Internal:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
   Physical Address. . . . . . . . . : 00-0B-DB-95-78-A1
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 10.0.0.1
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 10.0.0.2
   Primary WINS Server . . . . . . . : 10.0.0.2
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 2000 total points
ID: 26297786
Firstly you have differing dns servers - an absolute no-no for ISA server.
The ISA external nic should have either a blank dns entry or - if it makes you feel uncomfortable leaving it blank - put the internal dns ip address in here as well - ie 10.0.0.2 on both nics.
ISA should only ever look at the internal DNS servers. If ISA needs to resolve external addresses then it will talk to internal dns servers to request name resolution and then the internal DNS servers use their dns forwarders to talk to the ISP or other external DNS.

ISA is totally dependant on correct dns setup - else performance will be dire. You can review this on my blog if you wish.
http://www.kalabaster.com/dasblog/2009/09/06/ISAServerAndFTMGBasicNetworkAndDNSSettingsOnceAndForAll.aspx

There may be other things we need to address after this but this is a fundamental error that you have currently. The same applies to all servers and work stations also, they should never refer to an external DNS server ip address, just the local ones.

keith - ISA Forefront MVP
0

Featured Post

Managing Security & Risk at the Speed of Business

Gartner Research VP, Neil McDonald & AlgoSec CTO, Prof. Avishai Wool, discuss the business-driven approach to automated security policy management, its benefits and how to align security policy management with business processes to address today's security challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses
Course of the Month11 days, 10 hours left to enroll

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question