Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CheckPoint UTM-1 570 and Gigabit Internet

    General pfSense Questions
    3
    4
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      adam759
      last edited by

      Hello,

      So I just had Comcast gigabit internet installed today, and wow is it truly fast. However, peak performance only if I direct connect my nic to the modem. If I do that, I get the intended speeds:


      880 - 920Mbps down, 40 - 42Mbps up

      However, when we tried connecting through my router, a CheckPoint UTM-1 570 firewall box with PFSense 2.3.3, these are the average speeds I get:


      230 - 340Mbps down, 40 - 42Mbps up

      What is going on here? On the official stats of this box it says it can do 2.5Gbps firewall throughput, but curiously, 300Mbps VPN throughput. I, however, and not using any sort of VPN.

      Here is the spec brochure, the UTM-1 570 specs are on page 18 of the document, or page 16 if looking at the page number printed on the page:
      http://www.inuit.se/gogn/Checkpoint/checkpoint_appliances_brochure.pdf

      Here is the main page of the router for reference as well:

      It is just the modem, the router, and a gigabit switch. To eliminate the switch being a possible bottleneck I connected my nic directly to the LAN interface port on the router but still same results. Is this just a hardware limitation or is there something I can tweak, because both LAN and WAN are gigabit ports and the specs say it can handle the speed, but PFSense is showing otherwise.

      So, what would be recommended I do next? Any help would be greatly appreciated.

      Thanks,

      Adam

      1 Reply Last reply Reply Quote 0
      • A
        adam759
        last edited by

        Or am I just stupid and the processor that the box has is way under powered? It is just curious because the specs of the box clearly say it has gigabit WAN and LAN throughput capability.

        1 Reply Last reply Reply Quote 0
        • M
          MaxPF
          last edited by

          That box if I'm googling correctly is using a single core Celeron M running at 600Mhz. My educated guess is that's not enough computing power to handle 1Gbps of sustained traffic even if it's just basic NAT/FW.

          Anybody feel free to correct me.

          1 Reply Last reply Reply Quote 0
          • w0wW
            w0w
            last edited by

            UTM-1 570
            Intel Celeron M 1.5 GHz
            1 GB RAM
            160 GB ATA HDD
            Firewall Throughput: 2.5 Gbps
            VPN Throughput: 300 Mbps
            IPS Troughput: 1.7 Gbps

            But according to your screenshot it looks more like UTM-1 270 specs
            UTM-1 270
            Intel Celeron M 600 MHz
            1 GB DDR2 RAM 400 MHz
            160 GB ATA HDD
            Firewall Throughput: 1.5 Gbps
            VPN Throughput: 120 Mbps
            IPS Troughput: 1.0 Gbps

            Even if its written in specs that it can do 'Throughput: 1.5 Gbps" I am not sure what does it mean without test specification. The CPU is very low end for gigabit anyway.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.