Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Slow T1 downloads

Status
Not open for further replies.
don1907

don1907

IS-IT--Management
Dec 14, 2006
33
US
We have noticed a real slow internet onnection when downloading. We ran speed tests and we get 1447 up and 600 down. We have a CISCO 1760 router and a Cisco Pix 515e.I have checked the speed and duplex on both the router and PIX and they are the same. What else should i check?
 
Sort by date Sort by votes
can you post the conifgs of both devices??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Here is a sanitized router config

INETRTR-1760#show running-config
Building configuration...

Current configuration : 2548 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname INETRTR-1760
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$TeDg$O6TqMibyfD/vM5TSuu1Yp1
enable password 7 045802150C2E
!
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
ip host pixaux 2005 10.0.0.1
!
ip cef
!
!
!
!
interface Loopback0
ip address 10.0.0.1 255.255.255.0
!
interface FastEthernet0/0
ip address 66.173.204.xxx 255.255.255.240
speed 100
full-duplex
!
interface Serial0/0
ip address 66.173.141.xxx 255.255.255.252
encapsulation ppp
no fair-queue
service-module t1 clock source internal
!
ip classless
ip route 0.0.0.0 0.0.0.0 66.173.141.xxx
ip route 172.16.0.0 255.255.0.0 66.172.204.xxx
ip route 192.168.0.0 255.255.0.0 66.172.204.xxx
no ip http server
!
access-list 10 permit 24.53.142.xx log
alias subinterface i ip address
alias subinterface xn ipx network
alias interface i ip address
alias interface xn ipx network
alias configure acl access-list
alias configure in interface
alias configure rm route-map
alias configure b router bgp
alias configure e router eigrp
alias configure i router igrp
alias configure o router ospf
alias configure r router rip
alias configure xe ipx router eigrp
alias configure xr ipx router rip
alias configure xn ipx router nlsp
alias exec sacl show access-list
alias exec crs copy run start
alias exec sr show running | exclude alias
alias exec srr show running | begin router
alias exec sis show isdn status
alias exec sd show dialer
alias exec sdp show dlsw peers
alias exec sdr sh dlsw reach
alias exec sdc sh dlsw cap
alias exec sir show ip route
alias exec soi show ip ospf interface
alias exec son show ip ospf neighbor
alias exec sei show ip eigrp inter
alias exec sen show ip eigrp neighbor
alias exec set show ip eigrp topol
alias exec cir clear ip route *
alias exec cib clear ip bgp *
alias exec cor clear ip ospf redist
alias exec cxr clear ipx route *
alias exec sip show ip protocols
alias exec si show interface
alias exec sii sh ip int
alias exec sib show ip interface brief
alias exec sxb show ipx interface brief
alias exec sxr show ipx route
alias exec sfm show frame map
alias exec sfp show frame pvc
alias exec sb show ip bgp
alias exec sbs show ip bgp summary
alias exec sbn sh ip bgp neigh
alias exec c conf t
!
line con 0
exec-timeout 0 0
password 7 090D043B16100317194D072525
logging synchronous
line aux 0
modem InOut
transport input all
line vty 0 4
access-class 10 in
password 7 0860067C060C1112004A1A1033

Here is the PIX config

PIX Version 6.3(3)
interface ethernet0 100full
interface ethernet1 100full
interface ethernet2 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 DMZ security4
enable password 5AazmePNQ8pICi2X encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname epa515
domain-name eastportanalytics.com
clock timezone est -5
no fixup protocol dns
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
object-group network EPA_www
description All servers providing to the outside
network-object host 66.173.204.xx3
network-object host 66.173.204.xx4
network-object host 66.173.204.xx5
network-object host 66.173.204.xx6
network-object host 66.173.204.xx7
network-object host 66.173.204.xx8
network-object host 66.173.204.xx9
network-object host 66.173.204.xx0
object-group network EPA_https
description All servers providing HTTPS services to the outside
network-object host 66.173.204.xx3
network-object host 66.173.204.xx4
object-group network EPA_smtp
description All servers providing SMTP services to the outside
network-object host 66.173.204.xx3
network-object host 66.173.204.xx4
network-object host 66.173.204.xx5
network-object host 66.173.204.xx8
network-object host 66.173.204.xx6
object-group network EPA_dns
description All servers providing DNS services to the outside
network-object host 66.173.204.xx6
network-object host 66.173.204.xx8
object-group network EPA_cavtel_dns
description Cavtel External DNS servers used for Zone Transfer
network-object host 216.220.40.243
network-object host 64.39.29.212
network-object host 216.220.40.250
network-object host 209.200.131.4
network-object host 66.225.199.10
network-object host 216.246.59.66
network-object 205.210.42.0 255.255.255.0
network-object 216.220.40.240 255.255.255.240
network-object 209.200.131.0 255.255.255.0
network-object 209.200.151.0 255.255.255.0
network-object 209.200.177.0 255.255.255.0
network-object 209.200.141.0 255.255.255.0
network-object 66.252.1.10 255.255.255.255
network-object 205.234.220.154 255.255.255.255
network-object 205.234.220.146 255.255.255.255
network-object 205.234.160.98 255.255.255.255
network-object 64.202.104.250 255.255.255.255
network-object 206.223.184.240 255.255.255.240
network-object 216.246.59.82 255.255.255.255
object-group network EPA_https_real
description All servers providing HTTPS services to the outside
network-object 192.168.30.x0 255.255.255.255
network-object 192.168.30.x1 255.255.255.255
object-group network EPA_dns_real
description All servers providing DNS services to the outside
network-object 172.16.250.x1 255.255.255.255
network-object 172.16.250.x0 255.255.255.255
access-list acl_out permit icmp any any
access-list acl_out permit tcp any host 66.173.204.xx4 eq https
access-list acl_out permit tcp any host 66.173.204.xx4 eq www
access-list acl_out permit tcp any host 66.173.204.xx4 eq smtp
access-list acl_out permit tcp any host 66.173.204.xx3 eq https
access-list acl_out permit tcp any host 66.173.204.xx3 eq www
access-list acl_out permit tcp any host 66.173.204.xx5 eq www
access-list acl_out permit tcp any host 66.173.204.xx6 eq www
access-list acl_out permit tcp any host 66.173.204.xx7 eq www
access-list acl_out permit udp any host 66.173.204.xx6 eq domain
access-list acl_out permit tcp any host 66.173.204.xx3 eq ftp
access-list 88 permit ip 192.168.20.0 255.255.255.0 192.168.5.0 255.255.255.0
access-list 88 permit ip 192.168.25.0 255.255.255.0 192.168.5.0 255.255.255.0
access-list 88 permit ip 192.168.30.0 255.255.255.0 192.168.5.0 255.255.255.0
access-list 88 permit ip 192.168.40.0 255.255.255.0 192.168.5.0 255.255.255.0
access-list 88 permit ip 192.168.10.0 255.255.255.0 192.168.5.0 255.255.255.0
access-list 88 permit ip 192.168.20.0 255.255.255.0 192.168.6.0 255.255.255.0
access-list 88 permit ip 192.168.30.0 255.255.255.0 192.168.6.0 255.255.255.0
access-list 88 permit ip 192.168.40.0 255.255.255.0 192.168.6.0 255.255.255.0
access-list VPNAdmins_splitTunnelAcl permit ip 192.168.10.0 255.255.255.0 any
access-list VPNAdmins_splitTunnelAcl permit ip 192.168.20.0 255.255.255.0 any
access-list VPNAdmins_splitTunnelAcl permit ip 192.168.30.0 255.255.255.0 any
access-list VPNAdmins_splitTunnelAcl permit ip 192.168.40.0 255.255.255.0 any
access-list VPNAdmins_splitTunnelAcl permit ip 172.16.250.0 255.255.255.0 any
access-list DMZ_outbound_nat0_acl permit ip 172.16.250.0 255.255.255.0 192.168.5
.0 255.255.255.0
access-list outside_cryptomap_dyn_20 permit ip any 192.168.5.0 255.255.255.0
access-list DMZ_cryptomap_dyn_20 permit ip any 192.168.5.0 255.255.255.0
access-list VPNDmz_splitTunnelAcl permit ip 192.168.10.0 255.255.255.0 any
access-list VPNDmz_splitTunnelAcl permit ip 192.168.20.0 255.255.255.0 any
access-list VPNDmz_splitTunnelAcl permit ip 192.168.30.0 255.255.255.0 any
access-list VPNDmz_splitTunnelAcl permit ip 192.168.40.0 255.255.255.0 any
access-list VPNUsers_splitTunnelAcl_1 permit ip 192.168.10.0 255.255.255.0 any
access-list VPNUsers_splitTunnelAcl_1 permit ip 192.168.20.0 255.255.255.0 any
access-list VPNUsers_splitTunnelAcl_1 permit ip 192.168.30.0 255.255.255.0 any
access-list VPNUsers_splitTunnelAcl_1 permit ip 192.168.40.0 255.255.255.0 any
access-list VPNUsers_splitTunnelAcl_1 permit ip 172.16.250.0 255.255.255.0 any
access-list outside_cryptomap_dyn_40 permit ip any 192.168.5.0 255.255.255.0
access-list outside_cryptomap_dyn_60 permit ip any 192.168.5.0 255.255.255.0
access-list DMZ_inside permit tcp host 172.16.250.x0 eq 20031 host 192.168.30.x1
eq 20031
access-list DMZ_inside permit udp host 172.16.250.x0 eq 20031 host 192.168.30.x1
eq 20031
access-list DMZ_inside permit tcp host 172.16.250.x0 eq 20031 host 192.168.30.x1
eq 20031
access-list DMZ_inside permit udp host 172.16.250.x0 eq 20031 host 192.168.30.x1
eq 20031
access-list DMZ_inside permit udp host 172.16.250.x0 host 192.168.30.x1 range 20
050 20070
access-list DMZ_inside permit udp host 172.16.250.x0 host 192.168.30.x1 range 20
050 20070
access-list DMZ_inside permit tcp host 172.16.250.x0 host 192.168.30.x1 range 20
031 20050
access-list DMZ_inside permit tcp host 172.16.250.x0 host 192.168.30.x1 range 20
031 20050
access-list DMZ_inside permit tcp host 172.16.250.x0 host 192.168.30.x0 eq smtp

access-list DMZ_inside permit tcp host 172.16.250.x0 host 192.168.30.x1 eq smtp

access-list DMZ_inside permit tcp host 172.16.250.x0 host 192.168.30.x1 eq domai
n
access-list DMZ_inside permit tcp host 172.16.250.x1 host 192.168.30.x1 eq domai
n
access-list DMZ_inside permit udp host 172.16.250.x1 host 192.168.30.x1 eq domai
n
access-list DMZ_inside permit udp host 172.16.250.x1 host 64.83.1.x0 eq domain
access-list DMZ_inside permit udp host 172.16.250.x1 host 64.83.0.x0 eq domain
access-list DMZ_inside permit ip 172.16.250.0 255.255.255.0 192.168.5.0 255.255.
255.0
access-list DMZ_inside permit ip host 172.16.250.xx9 host 172.16.250.x
access-list DMZ_inside permit ip host 172.16.250.xx0 host 172.16.250.x
access-list DMZ_inside permit ip 172.16.253.0 255.255.255.248 host 172.16.250.x

access-list DMZ_inside permit ip 172.16.253.xx 255.255.255.248 host 172.16.250.x

access-list DMZ_inside deny ip 172.16.253.0 255.255.255.248 192.168.10.0 255.255
.255.0
access-list DMZ_inside deny ip 172.16.253.0 255.255.255.248 192.168.20.0 255.255
.255.0
access-list DMZ_inside deny ip 172.16.253.0 255.255.255.248 192.168.30.0 255.255
.255.0
access-list DMZ_inside deny ip 172.16.253.0 255.255.255.248 192.168.40.0 255.255
.255.0
access-list DMZ_inside deny ip 172.16.253.xx 255.255.255.248 192.168.10.0 255.25
5.255.0
access-list DMZ_inside deny ip 172.16.253.xx 255.255.255.248 192.168.20.0 255.25
5.255.0
access-list DMZ_inside deny ip 172.16.253.xx 255.255.255.248 192.168.30.0 255.25
5.255.0
access-list DMZ_inside deny ip 172.16.253.16 255.255.255.248 192.168.40.0 255.25
5.255.0
access-list DMZ_inside deny ip 172.16.250.0 255.255.255.0 192.168.10.0 255.255.2
55.0
access-list DMZ_inside deny ip 172.16.250.0 255.255.255.0 192.168.20.0 255.255.2
55.0
access-list DMZ_inside deny ip 172.16.250.0 255.255.255.0 192.168.30.0 255.255.2
55.0
access-list DMZ_inside deny ip 172.16.250.0 255.255.255.0 192.168.40.0 255.255.2
55.0
access-list DMZ_inside permit ip 172.16.253.0 255.255.255.248 any
access-list DMZ_inside permit ip 172.16.253.16 255.255.255.248 any
access-list DMZ_inside permit ip 172.16.250.0 255.255.255.0 any
access-list VPNConsult_splitTunnelAcl_1 permit ip 192.168.10.0 255.255.255.0 any

access-list VPNConsult_splitTunnelAcl_1 permit ip 192.168.20.0 255.255.255.0 any

access-list VPNConsult_splitTunnelAcl_1 permit ip 192.168.40.0 255.255.255.0 any

access-list VPNConsult_splitTunnelAcl_1 permit ip 172.16.250.0 255.255.255.0 any

access-list acl_outside permit tcp any object-group EPA_ www
access-list acl_outside permit tcp any object-group EPA_https eq https
access-list acl_outside permit tcp any object-group EPA_smtp eq smtp
access-list acl_outside permit udp any object-group EPA_dns eq domain
access-list acl_outside permit tcp object-group EPA_cavtel_dns object-group EPA_
dns eq domain
access-list acl_outside permit udp object-group EPA_cavtel_dns object-group EPA_
dns eq domain
access-list acl_outside permit tcp any host 66.173.204.xx3 eq ftp
access-list acl_outside permit tcp any host 66.173.204.xx4 eq https
access-list acl_outside permit tcp any host 66.173.204.xx4 eq 993
access-list acl_outside permit tcp any host 66.173.204.xx4 eq imap4
access-list 109 permit tcp any object-group EPA_dns eq domain
access-list 109 permit udp any object-group EPA_dns eq domain
pager lines 24
logging on
logging timestamp
logging standby
logging console critical
logging monitor debugging
logging buffered debugging
logging trap informational
logging history informational
logging queue 3000
icmp deny any outside
icmp permit any DMZ
mtu outside 1800
mtu inside 1800
mtu DMZ 1500
ip address outside 66.173.204.21x 255.255.255.240
ip address inside 172.16.251.x 255.255.255.252
ip address DMZ 172.16.250.x 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool EPANatPool 192.168.x.10-192.168.5.254
ip local pool EPAPPTP 192.168.x.10-192.168.6.254
pdm location 192.168.20.xx4 255.255.255.255 inside
pdm location 192.168.20.0 255.255.255.0 inside
pdm location 192.168.40.0 255.255.255.0 inside
pdm location 192.168.30.20 255.255.255.255 inside
pdm location 192.168.0.0 255.255.0.0 inside
pdm location 10.10.11.xx0 255.255.255.255 outside
pdm location 172.16.250.x0 255.255.255.255 DMZ
pdm location 24.53.142.x0 255.255.255.255 outside
pdm location 192.168.25.0 255.255.255.0 inside
pdm location 192.168.30.0 255.255.255.0 inside
pdm location 192.168.40.x9 255.255.255.255 inside
pdm location 192.168.25.x0 255.255.255.255 inside
pdm location 192.168.30.x1 255.255.255.255 inside
pdm location 192.168.10.0 255.255.255.0 inside
pdm location 172.16.250.x1 255.255.255.255 DMZ
pdm location 172.16.250.x2 255.255.255.255 DMZ
pdm location 192.168.5.0 255.255.255.0 inside
pdm location 207.196.42.0 255.255.255.0 outside
pdm location 207.196.62.0 255.255.255.0 outside
pdm location 192.168.40.x8 255.255.255.255 inside
pdm location 172.16.250.x0 255.255.255.255 DMZ
pdm location 172.16.250.x1 255.255.255.255 DMZ
pdm location 172.16.250.x2 255.255.255.255 DMZ
pdm location 172.16.250.xx9 255.255.255.255 DMZ
pdm location 172.16.250.xx0 255.255.255.255 DMZ
pdm location 172.16.253.0 255.255.255.248 DMZ
pdm location 172.16.253.x6 255.255.255.248 DMZ
pdm location 64.39.29.xx2 255.255.255.255 outside
pdm location 216.220.40.xx3 255.255.255.255 outside
pdm location 216.220.40.xx0 255.255.255.255 outside
pdm location 209.200.131.x 255.255.255.255 outside
pdm location 192.168.30.x3 255.255.255.255 inside
pdm location 64.202.104.xx0 255.255.255.255 outside
pdm location 66.225.199.x0 255.255.255.255 outside
pdm location 66.252.1.x0 255.255.255.255 outside
pdm location 205.210.42.0 255.255.255.0 outside
pdm location 205.234.160.x8 255.255.255.255 outside
pdm location 205.234.220.xx6 255.255.255.255 outside
pdm location 205.234.220.xx4 255.255.255.255 outside
pdm location 206.223.184.xx0 255.255.255.240 outside
pdm location 209.200.131.0 255.255.255.0 outside
pdm location 209.200.141.0 255.255.255.0 outside
pdm location 209.200.151.0 255.255.255.0 outside
pdm location 209.200.177.0 255.255.255.0 outside
pdm location 216.220.40.x0 255.255.255.240 outside
pdm location 216.246.59.x6 255.255.255.255 outside
pdm location 216.246.59.82 255.255.255.255 outside
pdm group EPA_https_real inside
pdm group EPA_dns_real DMZ
pdm group EPA_https outside reference EPA_https_real
pdm group EPA_dns outside reference EPA_dns_real
pdm group EPA_cavtel_dns outside
pdm history enable
arp timeout 14400
global (outside) 1 66.173.204.xx1 netmask 255.255.255.240
global (outside) 2 66.173.204.xx2 netmask 255.255.255.240
nat (inside) 0 access-list 88
nat (inside) 2 192.168.10.0 255.255.255.0 0 0
nat (inside) 2 192.168.20.0 255.255.255.0 0 0
nat (inside) 2 192.168.30.0 255.255.255.0 0 0
nat (inside) 1 192.168.40.0 255.255.255.0 0 0
nat (DMZ) 0 access-list DMZ_outbound_nat0_acl
nat (DMZ) 1 172.16.250.0 255.255.255.0 0 0
static (DMZ,outside) tcp 66.173.204.xx smtp 172.16.250.x0 smtp netmask 255.255.
255.255 0 0
static (inside,outside) tcp 66.173.204.xx 8090 netmask 255.25
5.255.255 0 0
static (inside,outside) 66.173.204.xx3 192.168.30.x0 netmask 255.255.255.255 0 0

static (inside,DMZ) 192.168.40.0 192.168.40.0 netmask 255.255.255.0 0 0
static (inside,DMZ) 192.168.20.0 192.168.20.0 netmask 255.255.255.0 0 0
static (inside,DMZ) 192.168.30.0 192.168.30.0 netmask 255.255.255.0 0 0
static (DMZ,inside) 172.16.250.0 172.16.250.0 netmask 255.255.255.0 0 0
static (DMZ,outside) 66.173.204.xx 172.16.250.21 netmask 255.255.255.255 0 0
static (DMZ,outside) 66.173.204.xx7 172.16.250.22 netmask 255.255.255.255 0 0
static (DMZ,outside) 66.173.204.xx8 172.16.250.30 netmask 255.255.255.255 0 0
static (DMZ,outside) 66.173.204.xx9 172.16.250.31 netmask 255.255.255.255 0 0
static (DMZ,outside) 66.173.204.xx0 172.16.250.32 netmask 255.255.255.255 0 0
static (inside,outside) 66.173.204.xx4 192.168.30.21 netmask 255.255.255.255 0 0

static (inside,outside) 66.173.204.xx5 192.168.30.x3 netmask 255.255.255.255 0 0

access-group acl_outside in interface outside
access-group DMZ_inside in interface DMZ
route outside 0.0.0.0 0.0.0.0 66.173.204.xx9 1
route inside 192.168.0.0 255.255.0.0 172.16.251.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 3:00:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa-server EPA-RADIUS protocol radius
aaa-server EPA-RADIUS (inside) host 192.168.30.21 p1xrad1u5 timeout 10
aaa authentication ssh console LOCAL
http server enable
http 24.53.142.x0 255.255.255.255 outside
http 207.196.42.0 255.255.255.0 outside
http 207.196.62.0 255.255.255.0 outside
http 192.168.40.x9 255.255.255.255 inside
http 192.168.30.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
tftp-server inside 192.168.40.x9 /cisco/pix/
floodguard enable
sysopt connection permit-ipsec
sysopt connection permit-pptp
sysopt connection permit-l2tp
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5
crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-MD5
crypto dynamic-map outside_dyn_map 60 match address outside_cryptomap_dyn_60
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-MD5
crypto dynamic-map DMZ_dyn_map 20 match address DMZ_cryptomap_dyn_20
crypto dynamic-map DMZ_dyn_map 20 set transform-set ESP-3DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map client authentication EPA-RADIUS
crypto map outside_map interface outside
crypto map DMZ_map 65535 ipsec-isakmp dynamic DMZ_dyn_map
crypto map DMZ_map client authentication EPA-RADIUS
crypto map DMZ_map interface DMZ
crypto map ouside_map client configuration address initiate
crypto map ouside_map client configuration address respond
isakmp enable outside
isakmp enable DMZ
isakmp nat-traversal 20
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup VPNAdmins address-pool EPANatPool
vpngroup VPNAdmins dns-server 192.168.30.x1 192.168.30.x6
vpngroup VPNAdmins default-domain eastportanalytics.com
vpngroup VPNAdmins split-tunnel VPNAdmins_splitTunnelAcl
vpngroup VPNAdmins pfs
vpngroup VPNAdmins idle-time 1800
vpngroup VPNAdmins password ********
vpngroup VPNUsers address-pool EPANatPool
vpngroup VPNUsers dns-server 192.168.30.x1 192.168.30.x26
vpngroup VPNUsers default-domain eastportanalytics.com
vpngroup VPNUsers split-tunnel VPNUsers_splitTunnelAcl_1
vpngroup VPNUsers idle-time 1800
vpngroup VPNUsers password ********
vpngroup VPNDmz address-pool EPANatPool
vpngroup VPNDmz dns-server 192.168.30.x1 192.168.30.x6
vpngroup VPNDmz default-domain eastportanalytics.com
vpngroup VPNDmz split-tunnel VPNDmz_splitTunnelAcl
vpngroup VPNDmz idle-time 1800
vpngroup VPNDmz password ********
vpngroup VPNConsult address-pool EPANatPool
vpngroup VPNConsult dns-server 192.168.30.x1 192.168.30.x6
vpngroup VPNConsult default-domain eastportanalytics.com
vpngroup VPNConsult split-tunnel VPNConsult_splitTunnelAcl_1
vpngroup VPNConsult idle-time 1800
vpngroup VPNConsult password ********
telnet timeout 5
ssh 24.53.142.x0 255.255.255.255 outside
ssh 207.196.42.0 255.255.255.0 outside
ssh 207.196.62.0 255.255.255.0 outside
ssh 192.168.40.x9 255.255.255.255 inside
ssh 192.168.40.x8 255.255.255.255 inside
ssh 192.168.30.0 255.255.255.0 inside
ssh timeout 60
console timeout 0
vpdn group PPTP-VPDN-GROUP accept dialin pptp
vpdn group PPTP-VPDN-GROUP ppp authentication chap
vpdn group PPTP-VPDN-GROUP ppp authentication mschap
vpdn group PPTP-VPDN-GROUP ppp encryption mppe auto
vpdn group PPTP-VPDN-GROUP client configuration address local EPAPPTP
vpdn group PPTP-VPDN-GROUP client configuration dns 192.168.30.20 192.168.30.21
vpdn group PPTP-VPDN-GROUP client configuration wins 192.168.30.20 192.168.30.21

vpdn group PPTP-VPDN-GROUP client authentication aaa EPA-RADIUS
vpdn group PPTP-VPDN-GROUP pptp echo 60
vpdn username krislocal password *********
vpdn username mark password *********
vpdn enable outside
username pwherrx password yMrlb7CTm2FgGo/c encrypted privilege 15
username emmettx password sAL0w4P0sIQYI/Vu encrypted privilege 15
username xhammond password MlcQgCHOwjYegMdh encrypted privilege 15
terminal width 80
Cryptochecksum:cb9910b3330a64993b9a7e7ef7493979
: end
 
Upvote 0 Downvote
definitely change your mtu back to 1500 for your outside and inside interfaces. also, is the slow download speed consistent with every site you go to or just a few??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
I have changed it to 1500. It seems to be slow on the download side with any site I go to. I just did a speed test and my up was 1300 and down was 597. We have only 5 users on the network today.
 
Upvote 0 Downvote
on the router, can you post sh int f0/0 and [/b]sh int s0/0[/b]??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Here are the interfaces

INETRTR-1760>sh int f0/0
FastEthernet0/0 is up, line protocol is up
Hardware is PQUICC_FEC, address is 000b.be90.1d55 (bia 000b.be90.1d55)
Internet address is 66.173.204.209/28
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:53:58, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 69000 bits/sec, 38 packets/sec
5 minute output rate 321000 bits/sec, 40 packets/sec
2067101492 packets input, 421785518 bytes
Received 945228 broadcasts, 0 runts, 0 giants, 0 throttles
8897908 input errors, 8895972 CRC, 23 frame, 176 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
2343725167 packets output, 1756809692 bytes, 3 underruns
3 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
INETRTR-1760>

INETRTR-1760>sh int s0/0
Serial0/0 is up, line protocol is up
Hardware is PQUICC with Fractional T1 CSU/DSU
Internet address is 66.173.141.206/30
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 16/255, rxload 37/255
Encapsulation PPP, LCP Open
Listen: CDPCP
Open: IPCP, loopback not set
Last input 00:00:16, output 00:00:00, output hang never
Last clearing of "show interface" counters 3y8w
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2232912
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 226000 bits/sec, 41 packets/sec
5 minute output rate 99000 bits/sec, 40 packets/sec
2342205619 packets input, 4015937650 bytes, 0 no buffer
Received 0 broadcasts, 1 runts, 3 giants, 0 throttles
291753 input errors, 26714 CRC, 166154 frame, 0 overrun, 0 ignored, 98883 abort
2072817085 packets output, 3364894012 bytes, 0 underruns
0 output errors, 0 collisions, 177 interface resets
0 output buffer failures, 0 output buffers swapped out
43 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
 
Upvote 0 Downvote
holy crap look at all of those input errors. ok, one last thing; post sh int stats from the pix. once we see those we can get an idea of where to go next.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Here is the PIX Stats

epa515(config)# show interface
interface ethernet0 "outside" is up, line protocol is up
Hardware is i82559 ethernet, address is 000f.34ac.f208
IP address 66.173.204.210, subnet mask 255.255.255.240
MTU 1500 bytes, BW 100000 Kbit full duplex
1185062612 packets input, 3602197302 bytes, 0 no buffer
Received 240088 broadcasts, 78484 runts, 0 giants
83247 input errors, 2748 CRC, 2015 frame, 0 overrun, 2748 ignored, 0 abort
1096911093 packets output, 2777530072 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collisions, 0 deferred
0 lost carrier, 0 no carrier
input queue (curr/max blocks): hardware (128/128) software (0/36)
output queue (curr/max blocks): hardware (0/128) software (0/1)
interface ethernet1 "inside" is up, line protocol is up
Hardware is i82559 ethernet, address is 000f.34ac.f209
IP address 172.16.251.2, subnet mask 255.255.255.252
MTU 1500 bytes, BW 100000 Kbit full duplex
1027386263 packets input, 1798330592 bytes, 0 no buffer
Received 1 broadcasts, 0 runts, 0 giants
2 input errors, 0 CRC, 0 frame, 2 overrun, 0 ignored, 0 abort
1099826868 packets output, 484125817 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collisions, 0 deferred
0 lost carrier, 0 no carrier
input queue (curr/max blocks): hardware (128/128) software (0/128)
output queue (curr/max blocks): hardware (0/74) software (0/1)
interface ethernet2 "DMZ" is up, line protocol is up
Hardware is i82559 ethernet, address is 0002.b3ec.4a03
IP address 172.16.250.1, subnet mask 255.255.255.0
MTU 1500 bytes, BW 100000 Kbit full duplex
113187873 packets input, 5154635 bytes, 0 no buffer
Received 28927483 broadcasts, 0 runts, 0 giants
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
62349464 packets output, 3292677198 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 babbles, 0 late collisions, 0 deferred
0 lost carrier, 0 no carrier
input queue (curr/max blocks): hardware (128/128) software (0/20)
output queue (curr/max blocks): hardware (0/10) software (0/1)
 
Upvote 0 Downvote
all right, so the pix is not your problem. the problem lies with the router. the first thing i would do is contact your service provider and have them check your line to make sure that it is clean. make sure you tell them that you have a high amount of input errors on your serial interface.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
234
Nitta84
Nitta84
ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
94
iggsterman
iggsterman
alex1002
  • Locked
  • Question
Sonicwall SSLVPN very slow Throughput accessing network files
Replies
1
Views
151
alex1002
alex1002
jmkelly
  • Locked
  • Question
Downloads from Microsoft licensing site fail on ASA5510
Replies
4
Views
89
baddos
baddos
dcusher
  • Locked
  • Question
Slow connection when using PIX 501. Reboot fixes temporarily.
Replies
0
Views
28
dcusher
dcusher

Part and Inventory Search

Sponsor

Back
Top