I did a speed test from several speed test sites for my 1 gig Internet circuit and my download and upload are so different. The upload seems fine but the download is so off. It never passes 250Mbps. I have another 300 Mbps with another ISP and when I tested it with the speedtest sites, the download and upload are almost the same, around 250Mbps.
The tech was onsite and tested with his test set and he said that he gets around 900Mbps upload and download.
How do I explain this? Can I trust the 1G circuit provider? What is the explanation for the speedtest sites reported big differences between download and upload.

Any thoughts? Thanks

A few years back I had SolarWinds Real-Time NetFlow Analyzer working with my Cisco 3750x switch. Recently we had some suspicious traffic so I installed a new version of the software on a Win 10 machine. I can connect through the software to my switch, I can see all of the interfaces but none of them show NetFlow enabled. When I click on the interface I want to monitor then click "Start Flow Capture" I get a 'NetFlow is not detected on the selected interface'.

How do I get this port configured correctly to capture NetFlow data?

Additional Facts:
IOS version 15.0(2)SE6

Config on switch:

int gig <port to be monitored>
ip flow ingress
ip flow egress

ip flow-export source <port to be monitored>
ip flow-export version 5
ip flow-export destination <IP of my Win 10 machine> 2055

Select all Open in new window

Per this thread- https://thwack.solarwinds.com/thread/20498 
I tried to run the ip nbar protocol-discovery and the ip route-cache flow on the port to be monitored. Neither of those commands were accepted on that port.

Any help is appreciated.

EDIT:
I've had users on other forums attempt to help me by pointing me to towards flexible netflow configurations that use the command ip flow monitor <name of monitor> input applied to the interface they want to monitor. My switch does not allow flexible netflow to be applied to non-service module ports. What I'm trying to monitor are the standard gigabit interfaces.

The netflow commands I can apply to those standard interfaces are those listed above: ip flow ingress and ip flow egress. How do I get netflow analysis that way?

Why would wireshark shade certain lines of a packet capture grey instead of light blue which is the majority?

SonicWALL VPN to Cisco ASA
On the Cisco side there are two subnets (172.16.0.16/29 and 10.0.0.0/22)
On the SonicWALL side there are two subnets (192.168.0.0/24 and 10.0.0.0/24)
Three subnets total - 172.168.0.16/29 - 192.168.0.0/24 - 10.0.0.0/22 and /24

Without using NAT in the policy the Cisco side is able to ping 192.168.0.1 (remote gateway).  The SonicWALL side is able to ping 172.16.0.17 (remote gateway of subnet 1) but cannot ping 10.0.0.254 (remote gateway of subnet 2) because the SonicWALL is also managing the same subnet locally.

I know when you try to set up a VPN where the subnets on both sides match (in this case 10.0.0.0) you need to use NAT tables, but how do you set up a VPN where you link multiple networks where only one subnet overlaps?

Local 192.168.0.0/24
Local 10.0.0.0/24   --> NAT 10.100.0.0/24

Remote 172.16.0.16/29
Remote 10.0.0.0/22 --> NAT 10.200.0.0/22

The problem is (at least on my SonicWALL side) the NAT is either on or off for the policy, and the subnets are grouped and cannot be specified individually in a single policy.  I specify the X0 Subnet (192.168.0.0/24) as my local network, and an address group object that includes both encrypted domains (172.16.0.16/29 & 10.200.0.0/22).  Only the 10.200.0.0/22 subnet is NAT though.

I theorized that I could specify 172.18.0.16/29  on the SonicWALL and have the Cisco ASA side 172.18.0.29 --> NAT 172.16.0.16/29.  

In reverse I would suspect that the Cisco ASA must also do the same …

Going through the daily logs on 12 servers is becoming too cumbersome. I working with a small domain including remote offices of about 50 users and less than 100 devices, mostly Windows clients. I looking for a way to aggregate the logs and filter for items that I need to monitor, not the entries that I know I can ignore. Small business = small budget, so my options are somewhat limited and I really don't have the time or energy to implement an enterprise class solution that requires 6 months of training just to understand. So with that said, what are your suggestions?

We have 3 wan connections going into a bonder - Bell (200mbps) Rogers (200mbps) and Shaw (150mbps) and then from the bonder into X1 interface of the sonicwal (NSA 3500). From the bonder direct out we are getting about 320mbps (which is not great and we are working with Rogers & Shaw to improve their connections) but from the clients we are only getting a max of 95mbps up and down no matter how many tests we run. I have tried this on the X1 and X2 interface as well as change to the secondary HA unit and I get the same results.

I also plugged in my laptop directly to the Bell connection and was getting about 180 up and down. Plugged into the sonicwall X2 interface and changed my client to use that route and again I was getting a best of 95mbps.

Seems like this problem points to the sonicwall

I have a case open with them but wanted to try and resolve this sooner than later so any help/insight you have would be appreciated!

I ran the network tool 'IPerf" on 2 PC's that are connected by several GB Switches.  The results are pretty close every time I ran the test, please see below

G:\Downloads\Iperf\From_France\files>iperf.exe -c XXX.XXX.XXX.151
------------------------------------------------------------
Client connecting to XXX.XXX.XXX.151, TCP port 5001
TCP window size: 64.0 KByte (default)
------------------------------------------------------------
[  3] local XXX.XXX.XXX.151 port 64114 connected with XXX.XXX.XXX.151 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   719 MBytes   603 Mbits/sec

--------------------------------------------------------

My question is this acceptable for a GB switch network?  I suppose if you take 603 and divide into 719 that is 83%; but, I have no frame of reference.  I would think that the power of the computers make a difference as well; but, can someone explain to me:

Question1: What is considered good bandwidth results for a GB LAN connection?

Question2:  What is considered bad babdwidth results for a GB LAN connection?

Question3:  How can I make a definitive test using Iperf?  or any other utility?

Windows UNC (SMB) fails across public network. SMB works inside VM, i.e. 192.168.1.104 from/to 192.168.1.108, however, when trying same mount from inside our office to vCloud environment the mount fails. Wireshark shows the 445 packets never arrive and Windows moves on to port 80 which does not work nor is it expected to. vCloud firewall has an any/any permit rule and Wireshark shows the traffic leaving the office network.

Why I can only get a complete traceroute on my PC to the remote server and not from my access switch to the server. I can ping 10.210.109.220 without any problem.

traceroute from my PC at the main site to the remote server via MPLS:
C:\Users>tracert 10.210.109.220

Tracing route to 10.210.109.220 over a maximum of 30 hops

  1     2 ms     2 ms     2 ms  10.19.31.253
  2    <1 ms    <1 ms    <1 ms  10.187.250.1
  3    <1 ms    <1 ms    <1 ms  10.187.5.41
  4    20 ms    15 ms    19 ms  10.210.11.86
  5    15 ms    15 ms    15 ms  10.210.10.221
  6    39 ms    36 ms    32 ms  10.210.109.220

traceroute from my L3 switch at the main site to the remote server via MPLS:

L3-sw# traceroute 10.210.109.220
traceroute to 10.210.109.220 (10.210.109.220), 30 hops max, 40 byte packets
 1  10.187.5.41 (10.187.5.41)  0.789 ms  0.793 ms  0.65 ms
 2  10.210.11.82 (10.210.11.82)  5.014 ms  5.063 ms  11.98 ms
 3  10.210.10.221 (10.210.10.221)  21.506 ms  15.497 ms  15.627 ms
 4  * * *
 5  * * *
 6  * * *
 7  * * *

I can see in a packet X-Forwarded-For info such that I can see the original source
address of the packet sent to the front end of my load balancer. Now if I am using
wireshark and I only wanted to see packets with a specific x-forwarded-for value,
how could I do that?

What's the best way to check the current bandwidth utilization in the office?  We have have Internet-> PAN fw->juniper switches->users.  Is it something built into those devices to check that or install some app on the top of that, or...
 
I want to look at what bandwidth utilization I have now and estimate it's max growth based on new headcount / office expansion.

Hello Everyone,

I have a SoniWALL NSA 3500 that I am trying to configure to open port 8000 for a Network Video Recorder (Hikvision). I want to port forward.  I created an object for port 8000 and then for the internal IP address that the recorder is going to use. I then went through the Public Server Wizard and and entered the internal IP and then the wizard went ahead and added our WAN address and then created the inside, outside and loopback parameters.  For all intents and purposes this should have opened port 8000 once I went through the wizard.  

Issue is when I try accessing from outside (or even inside my LAN network) using our WAN IP and then adding the 8000 suffix (x.x.x.x:8000) it's not reachable.  I believe I should receive at least a SonicWALL test page, correct?  Even if the device is not plugged into the switch yet I should still get something from the SonicWALL I believe.

Can anyone tell me if there is anything else I can do to make sure that port is open?  Web tests still say the port is closed.

Any help would be most appreciated!

Thanks!

Dear experts,

I came across a situation where I wish to create two subnets as in 192.168.1.1 and 192.169.2.1

The 192.168.1.1 will be my main network which will contains most of the PCs, printers, etc....

The 192.168.2.1 will be my wifi network which all wireless connections such as phones, scanners, etc...

Here is the situation:

1. only have 1 switch with 48 ports (can be configured)
2. one sonicwall firewall  4 ports in back(can be configured)
3. allow the two networks to talk to one another as in if I have a PC in 192.168.1.x and wish to access a wifi device in 192.168.2.x

Here are the things that I wish to get answered and accomplished:
1. I wish to know what will be the "BEST and SIMPLE" configuration to accomplish this task. Thanks!
2. Is it possible to connect all devices into a single switch (the 48 port switch) and have combination of networks like 192.168.1.x and 192.168.2.x together without utilizing the VLAN?