We have a PIX 515E with a VPN tunnel established to a PIX 525. Behind the 525, there is a web farm serving content to users behind the 515E. The 515E PATs the user connections across the tunnel and, for the most part, everything works OK. During what seems to be busy/active periods throughout a normal workday, users will complain that their web sessions are dropped, they get logged out of the application they are using on the web farm, some images will fail to load, and performance is sluggish. The problems surface like clockwork during these peak periods and everything behind the 525's network seems to be operating just fine. Other tunnels into that same network report no problems accessing the same site/application on the web farm.
To further pinpoint the problem, we have turned up a spare interface on the 515E, and given it a unique NAT translation address with access to the web farm across the tunnel. When we plug a system directly into that interface, we notice no problem whatsoever with that system during peak periods. To prove it wasn't something farther back into the network, we plugged a system into the switch that is tied right into the "problem" port. That system did prove to have problems. It seems like we are running into some limitation/bottleneck, but nothing is jumping right out.
I suppose there is a slight chance the switch connected to the 515E could be the source of the problems, but there isn't much tied into it and I'm not holding my breath on that. We're going to replace the switch in the near term just to rule it out. Any other thoughts or ideas on what we could be running up against, what else we could look at, what other tests we could perform? This one has been beat to death and while we seem to have narrowed down the issue to 2 devices, we're still having problems pinpointing the root cause of the issue. Any input would be appreciated.
Thanks!
Troy