Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Copper

Low Speedtest result when behind CheckPoint Firewall

Subscribed Internet Rate: 10Mbps Download, 10Mbps Upload

Clients behind the CheckPoint firewall only achieves max. of 3Mbps download and upload. If I attached a laptop directly to internet line, I got consistent 10M/10M (download/upload). But, if I used the same laptop and connect to Eth port of the CheckPoint I got the same as the clients behind the firewall.

Security Gateway: CheckPoint 1450

OS: Gaia

Version: R77.20.81 (990172541) 

Enabled Blades:

  • Firewall
  • IPSec VPN
  • IPS
  • Anti-Bot
  • Anti-Virus
  • identity Awareness
  • Application Control
  • URL Filtering
  • QoS
Tags (2)
36 Replies
Highlighted

From his other responses, it seems it was indeed QoS blade limiting his speed test.

0 Kudos
Highlighted
Copper

Hi Gali Fein‌, yes after disabling Qos blade the connection reaches over 3M. I will also consider replacing ethernet cable between Nortel and CheckPoint as the error and dropped packets still exist.

0 Kudos
Highlighted

We have same issue with R77.30, we created support request but they couldn't resolve it.

We have 200M/200M Internet connection, users speedtest results are between 1-10 Mbps and they also have slow web surf performance.

Firstly I added a rule on Firewall policy for my ip as source, destination is any and service is any then I added a rule on  app & url filter policy for my ip as source, destination is Internet and service is any  and also added exception rule for https inspection then I tested, speedtest results were between 50-100 Mbps. 50-100 Mbps was normal  for me because 100-150 Mbps was in use by other users.

I belive there is something wrong with Identity Awareness or App Control & URL Filtering or HTTPS Inspection.

 

0 Kudos
Highlighted
Sapphire

We have same issue with R77.30 - You are not talking about SMB units, i would suppose ? Non sequitur...

Highlighted
Employee
Employee

Which firmware do you use ?

0 Kudos
Highlighted
Pearl

The 1400 series with embedded Gaia does not really have any issues running most of the blades while performing much better than what you are seeing:

And this is running via WiFi AP connected to 1430 through two intermediate switches.

Most common problems I have encountered with SMB appliances were caused by the cheesy switches, mostly used downstream.

Any chance you can replace that Nortel with something a bit more current?

Are there any other switches between 1450 and the PC you are running the speed test from?

Highlighted

Seems like we are facing the same issue. on my setup, it seems that IPS is the one causing the issue. not sure why. However, disabling IPS from our 1450 solved our download issue. we have upgrade our firmware to Version: R77.20.80 (990172392) previously on R77.20.75.
After upgrade the firmware we can see that enabling IPS again does not affecting our download speed like before. so i assume the issue has been resolved. but still we are monitoring it. just in case.