Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: slow lookups w/ new 5505

slow lookups w/ new 5505 8 years 8 months ago #25534

  • Ender
  • Ender's Avatar
  • Offline
  • New Member
  • Posts: 12
  • Karma: 0
Hi,

I have a 5505 that I just installed w/o doing much of anything to the config.

The problem is that the web pages load really slow, which didn't occur before I swapped out my firewall. It's like it's taking a long time to do the lookup. I've got dns entries which it picked up from my comcast modem, which are the same dns servers I've always used so I'm not sure why the lookups seem to be taking so long.

I'm posting my config below and if anyone has ideas, much appreciated.

[code:1]
ciscoasa# sho running-config
: Saved
:
ASA Version 7.2(3)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password A9//BHDQsDKTXgm7 encrypted
names
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd A9//BHDQsDKTXgm7 encrypted
ftp mode passive
dns server-group DefaultDNS
name-server 73.214.34.205
name-server 68.87.85.98
domain-name default.domain.invalid
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.1.11 255.255.255.255 inside
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
dhcpd address 192.168.1.2-192.168.1.33 inside
dhcpd enable inside
!

!
!
prompt hostname context
Cryptochecksum:000ea2d63d70ecc1dc1942502be8d728
: end
[/code:1]

And if anyone sees where any of this can be improved, please let me know.
The administrator has disabled public write access.

Re: slow lookups w/ new 5505 8 years 8 months ago #25541

  • Elohim
  • Elohim's Avatar
  • Offline
  • Senior Member
  • Posts: 220
  • Karma: 0
first off...get rid of the default.domain.invalid

Hi,

I have a 5505 that I just installed w/o doing much of anything to the config.

The problem is that the web pages load really slow, which didn't occur before I swapped out my firewall. It's like it's taking a long time to do the lookup. I've got dns entries which it picked up from my comcast modem, which are the same dns servers I've always used so I'm not sure why the lookups seem to be taking so long.

I'm posting my config below and if anyone has ideas, much appreciated.

[code:1]
ciscoasa# sho running-config
: Saved
:
ASA Version 7.2(3)
!
hostname ciscoasa
domain-name default.domain.invalid
enable password A9//BHDQsDKTXgm7 encrypted
names
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd A9//BHDQsDKTXgm7 encrypted
ftp mode passive
dns server-group DefaultDNS
name-server 73.214.34.205
name-server 68.87.85.98
domain-name default.domain.invalid
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.1.11 255.255.255.255 inside
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
dhcpd address 192.168.1.2-192.168.1.33 inside
dhcpd enable inside
!

!
!
prompt hostname context
Cryptochecksum:000ea2d63d70ecc1dc1942502be8d728
: end
[/code:1]

And if anyone sees where any of this can be improved, please let me know.
The administrator has disabled public write access.
Time to create page: 0.078 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup