  • We upgraded from 6Mb (4x T1) to 24Mb (frac T3). It all works but I can’t seem to spike much above the previous capacity - I’m getting about 7-8Mbps max.

    When I take the netscreen out of the loop (its transparent mode) instantly I get up to the 24mb up and down and everything is much much faster.

    I stripped the config down to almost nothing - just 2 polices allowing ANY ANY ANY both ways. Traffic shaping is off, all custom services/group and list addresses/screens (ping of death etc.) removed, the 4 lowest levels of logging (debugging) etc. are all off. Cpu usuage at 1%.
    But even then its still no faster.
    Software version is 4.0.0r11.0 (Firewall+VPN)

    Almost zero errors on the ethernet ports router and switch its connected to (both at 100/full duplex).

    When they say 100Mbps of firewall am I missing something or is there other things I can try/check?

    Thanks for the suggestions. Finally found it. I was incorrect above and was getting actually about .8% CRC errors on the untrust to router interface (but this in itself isn’t that high)

    Anyway at the suggestion of another NS100 user I set the interfaces on the router and switch and the trust and untrust on the firewall to 100Half duplex- got a slight improvement in speed. (I tried 100full on all and it was worse)

    Lastly tried auto on both netscreen interfaces and 100half on the router and switch and immediately everything is extremely snappy and I show up to 30,000k on the download.

    (I haven’t experimented with all the other combinations yet but will tomorrow - my collisions are about 1.5% right now)

  • The NS100 should have 64,000 sessions so it should be fine. The 5Gt on the other hand is only 2000 sessions limit so he might have less user oulling lots of data. You might want to switch it out with another NS100 to see if it is a hardware issue. When you have it in trasparent mode check you sessions in the CLI or Web UI.

  • From my understand (I’m new to the netscreen hardware) you shouldn’t have any problems.

    I’m running about 20mbit/sec through a Netscreen 5gt without any issues.