LAN Traffic Extreme Slow..Need Help!!!
-
My Diagram as below:
ADSL–Juniper Firewall Rounter(192.168.5.200)--pfsense (192.168.3.2)--Managed switch(192.168.5.10)
|| ||
|| ||
|| PC (192.168.3.50)
||
server (192.168.5.50)fyi–if i put pfsense server in subnet 192.168.5.0/24, i cannot access to local host server (192.168.3.100)...
-
I can see part of the cause of your problem - you're randomly mixing subnets. If the Juniper has 192.168.5.x for it's internal subnet then you must not use that on the internal subnet for pfSense, and the managed switch.
-
For my case. Can you give me example, normally user how to configure it ?
I feel confusion, if i disable the pfsense firewall…the LAN traffic will run more faster.
-
Please ignore previous Diagram. I had revised the Diagram.
ADSL–Juniper Firewall Rounter(192.168.5.200)--Managed switch-------PFsense (192.168.3.2)
(**Firewall tp do the routing for || ||
192.168.5.0/24 &192.168.3.0/24 & || ||
interface 192.168.3.1/32 &192.168.5.1 ) || ||
|| ||
|| PC (192.168.3.50)
||
server (192.168.5.50)***I only want to capture proxy report.
User LAN configuration
IP -192.168.3.xx
subnet - 255.255.255.0
Gateway - 192.168.3.2 (Pfsense server)
DNS - 192.168.5.xx***Server will skip round to Pfsense server.
Server LAN configuration
IP-192.168.5.xx
subnet- 255.255.255.0
Gateway- 192.168.5.1
DNS- 192.168.5.xx -
Where is the performance problem? Is it internal to 192.168.3.x, 192.168.5.x or between the 2 subnets? Is pfSense NATing between the networks, or routing? What hardware do you have and what is the volume of traffic (both in terms of bandwidth and packets per second)?
-
i think is internal problem 192.168.3.x ->192.168.5.x. Because When i open the server share folder, i need to wait for 10 second to open it. If i try to disable the Pfsense firewall, the speed will back to normal (faster).
IF i change the Pfsense LAN IP & my pc IP to 192.168.5.x, example from 192.168.5.x ->192.168.5.x. The speed will like normal, very fast.
I'm using Juniper SSG320M Firewall & HP Procurve Managed Switch.
According to the Status Traffic Graph From Pfsense, In & Out traffic average below 50 Kbps
Ping Result - From 192.168.3.x to 192.168.5.x
–-Reply from 192.168.5.1: bytes=32 time=1ms TTL=64
---Reply from 192.168.5.1: bytes=32 time<1ms TTL=64 -
So, what you're saying is that the problem is only with Windows file shares? Is the only problem with connecting to the share, or is there also a performance problem when accessing files on the share? Are you connecting by hostname or by IP address?
Also, you forgot to say whether pfSense is only routing or also NATing.
-
Today the connection speed to the server feel more faster (like normal speed)….but the performance when accessing to files on the server still not stable....I received this error few times when i open the excel file - "cannot be accessed. The file may be corrupted" & The internet connection not stable, sometime microsoft outlook cannot send out the email, the mail pending in outbox. This few days, i will keep on monitor it.
I'm using both type hostname & IP address.
I'm not sure whether pfsense using routing or NAT...Please refer to below attached file for you to check.
http://www.imageshare.web.id/images/ayc89balwd0tsje7o9jf.jpg
http://www.imageshare.web.id/images/ruswx9j08p35co1p3l0t.jpg
-
I'm not seeing any images, though if you don't know I'd guess NAT.
-
IF u can't see the picture, please click the shortcut link…tq
-
Yes - and at the end of that link is an upload form, not an image.
-
ok, nvm. Let me describe the settings.
Firewall Advanced : Just follow by default setting..
Network Address Translation : By default setting…Disable NAT reflection for port forward.
-
It sounds like you're still NATing, which may be part of your problem. If you don't need it doing NAT try turning it off (though devices on 192.168.5.x will have to know how to route to 192.168.3.x).
-
How do i turn off the NAT ?
-
Someone mentioned, that by removing outbound nat rules will do the job
-
To turn off NAT, just go to:
FIREWALL - NAT - OUTBOUND
There click "Manual outbound NAT", than click save. Then delete all existing rules in Outbound if there are any. Click save.
Thats it. NAT is turned off.If you like to turn off NAt AND firewall, got to:
SYSTEM - ADVANCED - FIREWALL/NAT:
Disable Firewall. -
After Turn Off the NAT, I'm still facing same problem… performance slow when accessing files on the File Server.
If i disable the firewall & Nat, i can't get the proxy report! Why? But for accessing file on the File Server will become more faster, like normal speed...!!
Can i just disable the NAT & Firewall, but i still can continue using squid to capture the traffic & proxy report ?
-
Did you try with bypassing squid for source/destination IP? Take a look if it will be faster then (even if NAT and firewall is enabled)
-
Did you try with bypassing squid for source/destination IP? Take a look if it will be faster then (even if NAT and firewall is enabled)
I had try…still the same.
Can i bypassing for source/destination in Firewall ? -
There isn't a possibility for bypassing the firewall for only some IPs as far as I know.
