Recently we changed the slow internet provider to a faster one with 100/100 (up/down load). It was changed on the same interface of the FW. ( Eth1/2- same for the old and the new service provider)
Ever since the change, the download is intermittent or the download freezes.
Below is the detail session view of the session when the download froze.
When the connection is made directly to the laptop for testing purposes, everything works fine. No download issues, nothing freezes.
Below is the interface output for 1/2:
The ehmon, brdagent etc logs are all fine (no sign on hardware issue)
How do I go on resolving this issue? Is there any cache that can be deleted? Any flow control issue perhaps?
Any help will be greatly appreciated.
You've verified that MTU, speed, and duplex are all setup properly for the new ISP? The next step after reviewing that and logs would be to take a PCAP and see if you see anything out of the ordinary there. From what you've posted it looks like the session is staying alive on the firewall side of things, so I'm assuming that you have some ISP issued equipment on-site as well.
Hi @BPry ,
Below is what I found: Looks like the ISP side link is 100Mpbs and Interface in PAN connected to that router is auto.
I want to know if PAN Is set to auto and the other end is 100 will that not negotiate automatically? I have not tested yet but do you suggest i change the PAN side to 100 too?
Interesting, from the captures what i see is the windowing size is different in the Rx and Tx stage as below and the the sequence no has a exceptional difference:
I am also planning to reboot the firewall and on site the ISP vendors were changed from slow to a fast speed one (changed the internet provider, I do not know if some process is stuck somewhere).
Let me know your thoughts.
Thanks in advance.
When it comes to speed/duplex, both sides must have the same configuration. If yours is set to Auto and theirs is set to 100/full, the devices will drop to 100/half. However since you connect a laptop to the same interface from the ISP and it works just fine, I doubt this is the issue, but worth a check.
Another thing to check is how much traffic you are pushing through the PA-440, could it be overloaded? Also check the policies you have on the traffic. Are you decrypting the traffic, have netflow enabled, etc.? Create a test policy where there is no filtering or security applied and see if the issue is still present.
Hi @OtakarKlier ,
Changing the port on FW to 100mb/sec actually broke the connection (Performed a Hard reboot prior to that). Tried enabling flow control with no luck and I also verified remote is not sending any pause msgs. Have even enabled jumbo frames but all in vain. Traffic is not at all overloaded, has less than 10 users. The policies have no sec policies/filters and it's a flat network. What could I be testing next?
The global counter for packet filter was as below and changing the interface values for MTU/TMSS also yielded no difference. Could this is an HW issue?
note: no profiles / QoS / etc used and MTUs are also aligned
when the testing was done, the download just got stuck after some time and never resumed.
However, MTU and ipfrag counters increased.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!