Mirrorinc
asked on
Juniper SSG-140 Slow Traffic
I have narrowed it down on our Juniper SSG-140 we have 3 Zones
DMZ-0/9 10/100/1000
Trusted -0/8 10/100/1000
Untrusted-0/2 10/100
Any time I copy a fle FROM the DMZ (DMZ->Trusted) its very slow like 150-250 KB
Any time I copy a file FROM the Trusted (Trusted->DMZ) is fine and fast like 30 - 50MB
I have look through all my polices and find no traffic shaping policies to hender this, and have not engres and egress set at all on the DMZ or the Trusted interface
the only thing that looks out of shorts is the Interfaces Page Reads out the Ethernet0/9 - DMZ as 100mb and it should be 1000mb and the Ethernet0/8 - Trusted is reading out as 1000mb like it should
FYI those too ports are suppose to be 10/100/1000 ports and all the rest are 10/100
DMZ-0/9 10/100/1000
Trusted -0/8 10/100/1000
Untrusted-0/2 10/100
Any time I copy a fle FROM the DMZ (DMZ->Trusted) its very slow like 150-250 KB
Any time I copy a file FROM the Trusted (Trusted->DMZ) is fine and fast like 30 - 50MB
I have look through all my polices and find no traffic shaping policies to hender this, and have not engres and egress set at all on the DMZ or the Trusted interface
the only thing that looks out of shorts is the Interfaces Page Reads out the Ethernet0/9 - DMZ as 100mb and it should be 1000mb and the Ethernet0/8 - Trusted is reading out as 1000mb like it should
FYI those too ports are suppose to be 10/100/1000 ports and all the rest are 10/100
You may need to manually set the interface bandwidth and duplex from the command line. That should sort out the issues with transfer speed
ASKER
I know we have the 100mb 1000mb issue a while ago on both those ports, and I we had to change duplex setting on the ports, all the switch connected up to these 2 ports are Cisco 2960 Gigbit switches..
I 'm not to versed in the commands on this FW so I don't know what the syntex is for manaully setting the bandwidth?
I 'm not to versed in the commands on this FW so I don't know what the syntex is for manaully setting the bandwidth?
For 1GB full duplex (which doesn't make much sense, since GB runs best with auto-negotiation):
set interface eth0/9 phy full 1000mb
set interface eth0/9 phy full 1000mb
ASKER
how would you set it to auto then?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
if I remember right this doesn't affect any live traffic correct?
ASKER
how to you display with the interface is currently set at?
get interface <interface name>
ASKER
Thanks everything started to work much faster after setting it to auto.
Qlemo should get credit too. he was the first post with the actual command :)
There seems to be a switch or a hub in between DMZ to Trust that is dropping it down to 100
Regards,
TT