KNBsysteembeheer01
asked on
Draytek Firewall seems to cause slow internet performance
Hi Experts,
I've this weird problem. During the week the internet performance seems to be slower and slower.
When I reboot my firewall everything works normal again but after a few days it's gettings slower and slower again. At the beginning of the week it's so slow that you can't surf normally. Then again, after I reboot the firewall it's working again.
This is my netwerk situation:
first you've have to pass a Draytek Firewall (Vigor 3300v)
second you've ran into a ISA server 2004
Could it be it has something do with ISA as well, eventhough a reboot on the draytek makes it work again?
I can't find anything simular so far on EE or Google.
Please advice what steps I can take to solve this problem?
I've already contacted Draytek support but all they sending me is firmware updates but they doesn't seem to work so far.
Anyway, hopefully some of you experts has an idea?
Grtz,
LenTheM@n
I've this weird problem. During the week the internet performance seems to be slower and slower.
When I reboot my firewall everything works normal again but after a few days it's gettings slower and slower again. At the beginning of the week it's so slow that you can't surf normally. Then again, after I reboot the firewall it's working again.
This is my netwerk situation:
first you've have to pass a Draytek Firewall (Vigor 3300v)
second you've ran into a ISA server 2004
Could it be it has something do with ISA as well, eventhough a reboot on the draytek makes it work again?
I can't find anything simular so far on EE or Google.
Please advice what steps I can take to solve this problem?
I've already contacted Draytek support but all they sending me is firmware updates but they doesn't seem to work so far.
Anyway, hopefully some of you experts has an idea?
Grtz,
LenTheM@n
ASKER
Hi Kruger Monkey,
Thanks for your reply. I don't think it's the ISP because when I plug in a laptop in front off my firewalls there's nothing wrong. A little side note. When a colleague logs in from home through citrix (ica protocol) it works fine. But when he goes to the browser within the citrix session it's very slow. So it seems it's only has to do with http traffic over port 80.
there are 2 drayteks. One master and one in slave mode. In cause of a failure the slave takes over and back again when the master is up. I can probably check to see if I let all the traffic to go over the slave if the problem still occurs. But the answer to that I know next week because it takes about a week to get slower and slower till the point it's not workable anymore.
Kind regards,
LentheM@n
Thanks for your reply. I don't think it's the ISP because when I plug in a laptop in front off my firewalls there's nothing wrong. A little side note. When a colleague logs in from home through citrix (ica protocol) it works fine. But when he goes to the browser within the citrix session it's very slow. So it seems it's only has to do with http traffic over port 80.
there are 2 drayteks. One master and one in slave mode. In cause of a failure the slave takes over and back again when the master is up. I can probably check to see if I let all the traffic to go over the slave if the problem still occurs. But the answer to that I know next week because it takes about a week to get slower and slower till the point it's not workable anymore.
Kind regards,
LentheM@n
Has the draytek been configured to pass DNS to the ISA? Has port 80 & 8080 been set to forward to the ISA server, if this hasn't been done then you will run into browsing issues. I would check these first and see if the problem exists.
make sure you have upgraded the drayteks firmware as there will be a new version if you have never done this since having the device, the old firmware for the 3300 is buggy.
Has anyone enabled a 'High availabilty rule' from the panel go to Netwokr > High availabilty
or a Quality of service (QoS on the 3300v interface)
When the connection is really slow it might be worth while having a quick look at the Data flow monitor found at
System - Diagnostic Tools - Data Flow monitor (make sure you enable in the top left) very useful to see if soomething is hammering the lines.
Last bit- what type of internet connections do you have. Any what ype of setup do you have on the draytek for load balancing, a screen shot of your WAN layout would be best please (from network > WAN).
It may also be worth raising a support ticket withthe draytek support team (they are very helpful and will give you beta firmware if need be) support @ draytek.com
Hope this helps
Has anyone enabled a 'High availabilty rule' from the panel go to Netwokr > High availabilty
or a Quality of service (QoS on the 3300v interface)
When the connection is really slow it might be worth while having a quick look at the Data flow monitor found at
System - Diagnostic Tools - Data Flow monitor (make sure you enable in the top left) very useful to see if soomething is hammering the lines.
Last bit- what type of internet connections do you have. Any what ype of setup do you have on the draytek for load balancing, a screen shot of your WAN layout would be best please (from network > WAN).
It may also be worth raising a support ticket withthe draytek support team (they are very helpful and will give you beta firmware if need be) support @ draytek.com
Hope this helps
ASKER
Hi q2g,
high availability is on and it's synced ok.
I will have a look at the data flow monitor but I can't see that until next week.
I've attached the WAN settings below.
I already contacted the Draytek helpdesk but they couldn't help me. They gave me new firmware and monitored remotely my Drayteks but still no solution.
Thanks for helping me
Grtz,
LenTheM@n
draytek-wan-settings.jpg
high availability is on and it's synced ok.
I will have a look at the data flow monitor but I can't see that until next week.
I've attached the WAN settings below.
I already contacted the Draytek helpdesk but they couldn't help me. They gave me new firmware and monitored remotely my Drayteks but still no solution.
Thanks for helping me
Grtz,
LenTheM@n
draytek-wan-settings.jpg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
sorry I didn't responded earlier. It's very hectic at work. But I've tried to use the dataflow monitor but I see nothing weird. I will try to put a laptop between the ISA and the firewall and let you know the results
ASKER
It did not help me to solve this problem completely but it helped met to get more information about the cause of the problem.
It may also be a problem on the line. Resetting the draytek refreshes the connection and off you go again until it drops down.
Do you have a spare draytek that you can replace your 3300 with? That way you could see if the problem persisted with a different router or went away.