Yes. It's not a PIX issue causing the slow VPN. It's a Microsoft issue. I
validated this by putting a vpn test box outside the firewall. The
encryption overhead and known issues with TCP/IP being slower on Windows add
up and cause PPTP to crawl. Add on top of that 56K + internet traffic
between users & your network and it's even worse. I do believe I saw a post
in here saying the Win2K client is available now but I could be mistaken.
I'm not sure why you're having to do clear xlate daily. I only have to do
that when I change static, conduit, or ACL statements (as required in docs).
How much memory do you have in the PIX?
Allen
----- Original Message -----
From: "Kevin O'Gilvie" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 02, 2001 10:51 AM
Subject: Pix Performance Issues
> I have a pix 515 R, and I have noticed that I have to clear xlate at least
> once a day in order to keep it from slowing down internet access, also I
> have users complaining on how slow the vpn is, I am using ms pptp, due to
> the fact that the windows 2000 client has not come out yet. How can I get
> this pix maximize performance without upgrading to the UR, which is what
> cisco recommends which is a 6k investment. Is anypne else running into
these
> issues? Also I have noticed since I am using local authentication, there
is
> no security on my domain, once in all users can map drives , delete and so
> on. I have about 60 users.
>
> Keep in mind that I have global users that use 56k dial up and then pptp
to
> the fw.
>
> TIA
> -Kevin
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
