Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rahul_Borah
Contributor

Traffic not accelerated by Secure XL-0%

 

Hi mates,

I am facing an issue with secure XL. Traffics not accelerated by Secure XL. F2Fed is 99%

Kindly suggest. Screenshot attached.

Version: R81

Blade: IPS and FW

Rule:350

RAM: 8 GB (85% used)

 

Regards,

RB

 

 

0 Kudos
5 Replies
Chris_Atkinson
Employee Employee
Employee

Is the WAN connection PPPoE?

Or are you using any of the following IPS protections:

* When IPS protection "SYN Attack" ("SYNDefender") is activated in SmartDefense / IPS.

* When IPS protection "Small PMTU" is activated in SmartDefense / IPS.

* When IPS protection "Network Quota" is activated in SmartDefense / IPS (refer to sk31630).

* When IPS protection "Malicious IPs" (DShield.org Storm Center) is activated in SmartDefense / IPS (because it uses Dynamic Objects).

Please also share the following output to start:

[Expert@MyGW:0]# fwaccel stat

CCSM R77/R80/ELITE
0 Kudos
Rahul_Borah
Contributor

Hi Chris,

Please find the details...

* Is the WAN connection PPPoE? NO

* When IPS protection "SYN Attack" ("SYNDefender") is activated in SmartDefense / IPS. Enabled

* When IPS protection "Small PMTU" is activated in SmartDefense / IPS. Inactive

* When IPS protection "Network Quota" is activated in SmartDefense / IPS (refer to sk31630). Inactive

* When IPS protection "Malicious IPs" (DShield.org Storm Center) is activated in SmartDefense / IPS (because it uses Dynamic Objects). Inactive

Screenshot attached...

 

0 Kudos
Timothy_Hall
Legend Legend
Legend

The only red flag is SYNDefender being enabled, but that functionality was added into SecureXL in R80.20 and should not be the cause of high F2F.  sk120476: Important changes in IPS "SYN Attack" (SYN Defender) protection

Was the fwaccel stats -s command run on the standby member of a cluster?  If so high F2F is expected.

Please provide the output of enabled_blades and the Super Seven commands for further diagnosis:

https://community.checkpoint.com/t5/Scripts/S7PAC-Super-Seven-Performance-Assessment-Commands/m-p/40...

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Rahul_Borah
Contributor

Hi,


Please find the details...

Was the fwaccel stats -s command run on the standby member of a cluster? If so high F2F is expected.
A- Yes, F2F is 99%

Please provide the output of enabled_blades and the Super Seven commands for further diagnosis:
A- Only FW and IPS blads are enable

0 Kudos
Chris_Atkinson
Employee Employee
Employee

This is expected on the standby member.

Review the stats on the active member instead.

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events