AnsweredAssumed Answered

What is the best approach to troubleshoot "slow connections"?

Question asked by Maik Dummer on Nov 6, 2018
Latest reply on Nov 8, 2018 by Timothy Hall

Hello fellow Check Point admins,


to keep it short - how do you troubleshoot slow connections?

Every now and then I receive requests from users/sys admins who complain that their backup jobs or all different kinds of traffic appears to be really slow once they have to pass a firewall in our environment. In most cases I am pretty sure that this is not the case, at least not related to the firewall. But as we all know - it always has to be the firewalls fault.


So that leads to the before mentioned questions. Currently I do several things to verify if I have some issues on the fw side, like:


- checking the related interfaces and error counters

- enable accounting in the logging of a related rule to see the transmitted data size

- check for possible TCP out of state logs, which could be related to timeouts and therefore throttle the connection due to reconnect attempts


But to be honest, I am pretty sure that there are other, better, approaches to determine if the firewall is the cause of slow downs or not. So please, tell me about your recommendations.