Yes, this is good too. I do not believe it is the PIX, however still worth an investigation. I would start with the 2600 first. I am basing this off the information you gave us from the router.
Regards,
Greg DeGennaro Jr., CCNP Security Analyst

-----Original Message-----
From: Paul Benedek [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 09, 2003 2:08 AM
To: 'Mitchell Rowton'; 'Jane Han'; [EMAIL PROTECTED]
Subject: RE: where should I start? help!

Hi,

Once you have identified the traffic type i.e. web traffic port 80, you may wish to consider turning on some of the traffic management features within the Cisco router. This could be a change in queuing strategy and the use of Cisco's committed access rate feature. By using CAR, you can prioritise the traffic and drop any less important traffic if it reaches a certain threshold. Incidentally it is good to use CAR to drop inbound UDP traffic in case of DDOS attacks.

The other thought with regard to this could be that your NAT pool in your PIX is not big enough to cope with your outbound requirements. Try increasing your pool size so that you have many translation slots available. Also look at the session timeout values and make sure that you have timeouts to unwanted connections within a reasonable timeframe.

Another point to look at is your Ethernet interfaces. Make sure that they are forced connections rather than using auto (100 meg full duplex). If these are causing you any issues, you would see a high number of collisions on the Ethernet port counters. This could also account for a high number of retransmissions and poor throughput on your Internet connection.

Regards
Paul Benedek
Director
Excis Networks Limited
http://www.excis.co.uk