Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Theo
Collaborator

Low Speedtest result when behind CheckPoint Firewall

Subscribed Internet Rate: 10Mbps Download, 10Mbps Upload

Clients behind the CheckPoint firewall only achieves max. of 3Mbps download and upload. If I attached a laptop directly to internet line, I got consistent 10M/10M (download/upload). But, if I used the same laptop and connect to Eth port of the CheckPoint I got the same as the clients behind the firewall.

Security Gateway: CheckPoint 1450

OS: Gaia

Version: R77.20.81 (990172541) 

Enabled Blades:

  • Firewall
  • IPSec VPN
  • IPS
  • Anti-Bot
  • Anti-Virus
  • identity Awareness
  • Application Control
  • URL Filtering
  • QoS
38 Replies
Pedro_Espindola
Advisor

From his other responses, it seems it was indeed QoS blade limiting his speed test.

0 Kudos
Theo
Collaborator

Hi Gali Fein‌, yes after disabling Qos blade the connection reaches over 3M. I will also consider replacing ethernet cable between Nortel and CheckPoint as the error and dropped packets still exist.

0 Kudos
freeman91
Participant

Hi Theo,

where did u find all those QoS setting? I cannot find QoS blade available on my firewall (6500). Are there any other places to look for those hidden QoS setups?

0 Kudos
_Val_
Admin
Admin

Look at your FW object in the SmartConsole. This post is discussing Quantum Spark (SMB), while your HW is Quantum, completely different line.

0 Kudos
Murat_Oguz
Explorer

We have same issue with R77.30, we created support request but they couldn't resolve it.

We have 200M/200M Internet connection, users speedtest results are between 1-10 Mbps and they also have slow web surf performance.

Firstly I added a rule on Firewall policy for my ip as source, destination is any and service is any then I added a rule on  app & url filter policy for my ip as source, destination is Internet and service is any  and also added exception rule for https inspection then I tested, speedtest results were between 50-100 Mbps. 50-100 Mbps was normal  for me because 100-150 Mbps was in use by other users.

I belive there is something wrong with Identity Awareness or App Control & URL Filtering or HTTPS Inspection.

 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

We have same issue with R77.30 - You are not talking about SMB units, i would suppose ? Non sequitur...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Gali_Fein
Employee Alumnus
Employee Alumnus

Which firmware do you use ?

0 Kudos
Vladimir
Champion
Champion

The 1400 series with embedded Gaia does not really have any issues running most of the blades while performing much better than what you are seeing:

And this is running via WiFi AP connected to 1430 through two intermediate switches.

Most common problems I have encountered with SMB appliances were caused by the cheesy switches, mostly used downstream.

Any chance you can replace that Nortel with something a bit more current?

Are there any other switches between 1450 and the PC you are running the speed test from?

Abeja_huhuhu
Contributor

Seems like we are facing the same issue. on my setup, it seems that IPS is the one causing the issue. not sure why. However, disabling IPS from our 1450 solved our download issue. we have upgrade our firmware to Version: R77.20.80 (990172392) previously on R77.20.75.
After upgrade the firmware we can see that enabling IPS again does not affecting our download speed like before. so i assume the issue has been resolved. but still we are monitoring it. just in case.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events