We have internal IPS/IDS, and mail filters already setup.
We have tracked down the issue with Sonicwall today, apparently our MTU size is fluctuating. It was set to default 1492, I lowered it to 1404 and then this command : ping google.com -f -l 1400 worked just fine, however an hour later it would come back saying needed to fragment the packet, so now we are running with an MTU of 1360 or 1366 or something . Very odd problem, we are migrating away from the current provider and the powers that be are wondering if this is being done purposefully. Sonicwall engineer said he doesn't recall seeing an MTU size working for 10-15 mins then suddenly be too big. From: Andrew S. Baker [mailto:[email protected]] Sent: Thursday, August 26, 2010 12:11 PM To: NT System Admin Issues Subject: Re: Bandwidth problems You don't NEED the security stuff? Can I ask why?!? ASB <http://XeeSM.com/AndrewBaker> (My XeeSM Profile) Exploiting Technology for Business Advantage... <http://www.wisestamp.com/email-install?utm_source=extension&utm_medium=emai l&utm_campaign=footer> Signature powered by <http://www.wisestamp.com/email-install?utm_source=extension&utm_medium=emai l&utm_campaign=footer> WiseStamp <http://s.wisestamp.com/pixel.png?p=chrome&v=1.2.3.0&t=1282839004056&u=76067 36&e=1283> On Thu, Aug 26, 2010 at 11:38 AM, Lists - Level5 <[email protected]> wrote: Rich, all the security stuff is disabled, we didn't need it anyway but I took it off as a precaution the other day. From: Richard Stovall [mailto:[email protected]] Sent: Wednesday, August 25, 2010 12:19 PM To: NT System Admin Issues Subject: Re: Bandwidth problems Do you have any of the SonicWall security services or content filtering licensed and enabled? Have you cranked up alerting to tell you if the SonicWall might be blocking something because of one of those services? That 5500 should be powerful enough to handle quite a bit of throughput. On Wed, Aug 25, 2010 at 11:55 AM, Level 5 Lists <[email protected]> wrote: I have been troubleshooting a bandwidth problem where connections are dropping. We ran some different tests like speedtest and pingtest as well as a trial of visualware. Everything points to tcp max delay (300ms) being a major issue and suggests packet loss. I have run some tracerts for the ISP and they say its not their side. I tend to believe them a little because if we unplug our Sonicwall and go directly the problem goes away. As a test I rolled out a new Sonicwall 5500, reconfigured it and the problem still exists. We are jumbo framed enabled internally, and our procurve mgmt software has some intermittent issues throughout the network but nothing specific. Does anyone have any good tools they could recommend to test internal connectivity, the few tools i see just test speed which seems to be running just fine (qcheck). Thx ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
