Sonicwall Problem

I recently had a T1 data circuit installed to replace a 1M DSL account. We
use a sonicwall pro 200 as our firewall. For some reason when I reconfigure
the network on the sonicwall for the new circuit and bring it up, the web
traffic from network computers on it runs at about 50-60k. The circuit ran
fine when run directly into my laptop. I even tested it through and old
SOHO/10 and it worked there too!

Any ideas on where to look for the cause of this problem? When I put the
circuit back to the DSL account speeds ramp right back up to normal again.
Strangely enough with this traffic problem I'm still able to copy a file to
a remote office through a VPN channel and it seems okay with that kind of
traffic.

Thanks,

Andrew

Re: Sonicwall Problem

Andrew Jones wrote:
> I recently had a T1 data circuit installed to replace a 1M DSL account. We
> use a sonicwall pro 200 as our firewall. For some reason when I reconfigure
> the network on the sonicwall for the new circuit and bring it up, the web
> traffic from network computers on it runs at about 50-60k. The circuit ran
> fine when run directly into my laptop. I even tested it through and old
> SOHO/10 and it worked there too!
>
> Any ideas on where to look for the cause of this problem? When I put the
> circuit back to the DSL account speeds ramp right back up to normal again.
> Strangely enough with this traffic problem I'm still able to copy a file to
> a remote office through a VPN channel and it seems okay with that kind of
> traffic.
>
> Thanks,
>
> Andrew
>
>

Can you be more specific about the T1? Is it a frame relay T1 connected
by an ISP supplied router? Or is it Pt to Pt to the ISP?

Given that the sonic only has ethernet ports, exactly HOW are you
connectiong it to the T1?

I am thinking this is likely some sort of MTU issue here, But need more
info.

Re: Sonicwall Problem

Post removed (X-No-Archive: yes)

Re: Sonicwall Problem

Thanks for responding. I'm doing some more research currently and could use
some assistance in the MTU area if you have some. This T1 circuit is
supplied by the ISP and I don't believe is Frame Relay ... although they do
supply the router and I have no access to it. THis Adtran device (
ethernet ) goes directly into my WAN port. Now I have had some recent
success with forcing my WAN Port to be 10 Mbps Full Duplex. Any attempt at
100 or half duplex yielded poor results. I'm going to see if I can get the
ISP to force that port to one setting and then I'll match it in the sonic
wall.

When I do this, I can do bandwidth speed test that come in at 1.3 but I have
load a heavy graphic page it seems to go a lot slower then that ( I've seen
faster on my 1 Meg DSL at home ). Currently I have MTU set to fragment
outbound packets larger then WAN MTU which is set to 1500.

Thanks,

Andrew
"T. Sean Weintz" wrote in message
news:112p8uj4o6cc3b5@news.supernews.com...
> Andrew Jones wrote:
>> I recently had a T1 data circuit installed to replace a 1M DSL account.
>> We use a sonicwall pro 200 as our firewall. For some reason when I
>> reconfigure the network on the sonicwall for the new circuit and bring it
>> up, the web traffic from network computers on it runs at about 50-60k.
>> The circuit ran fine when run directly into my laptop. I even tested it
>> through and old SOHO/10 and it worked there too!
>>
>> Any ideas on where to look for the cause of this problem? When I put the
>> circuit back to the DSL account speeds ramp right back up to normal
>> again. Strangely enough with this traffic problem I'm still able to copy
>> a file to a remote office through a VPN channel and it seems okay with
>> that kind of traffic.
>>
>> Thanks,
>>
>> Andrew
>
> Can you be more specific about the T1? Is it a frame relay T1 connected by
> an ISP supplied router? Or is it Pt to Pt to the ISP?
>
> Given that the sonic only has ethernet ports, exactly HOW are you
> connectiong it to the T1?
>
> I am thinking this is likely some sort of MTU issue here, But need more
> info.
>

Re: Sonicwall Problem

Sonicwall didn't seem to like that ... gave me "Error: WAN MTU" when I
changed that value. CHecking manuals for explanation on that one.

AJ
"Leythos" wrote in message
news:pan.2005.03.07.19.05.34.970786@nowhere.lan...
> On Mon, 07 Mar 2005 14:02:44 -0500, Andrew Jones wrote:
>>
>> Currently I have MTU set to fragment
>> outbound packets larger then WAN MTU which is set to 1500.
>
> Set your MTU to 1430 and see if that makes any difference.
>
> --
> spam999free@rrohio.com
> remove 999 in order to email me
>

Re: Sonicwall Problem

Andrew Jones wrote:
> Thanks for responding. I'm doing some more research currently and could use
> some assistance in the MTU area if you have some. This T1 circuit is
> supplied by the ISP and I don't believe is Frame Relay ... although they do
> supply the router and I have no access to it. THis Adtran device (
> ethernet ) goes directly into my WAN port. Now I have had some recent
> success with forcing my WAN Port to be 10 Mbps Full Duplex. Any attempt at
> 100 or half duplex yielded poor results. I'm going to see if I can get the
> ISP to force that port to one setting and then I'll match it in the sonic
> wall.
>
> When I do this, I can do bandwidth speed test that come in at 1.3 but I have
> load a heavy graphic page it seems to go a lot slower then that ( I've seen
> faster on my 1 Meg DSL at home ). Currently I have MTU set to fragment
> outbound packets larger then WAN MTU which is set to 1500.

OK, what about INBOUND fragments? the 200 sonics default to dropping
incoming fragmented packets i think. Go to the "rules" tab on the access
page. Edit the rule that allows HTTP traffic - see if the "aloow
fragmented packest" box is checked.

Try lowering the mtu to 1490.

See if either if these help.

Next step is to slap a laptop with etheral on it and see what is going on...

Re: Sonicwall Problem

Andrew Jones wrote:
> Sonicwall didn't seem to like that ... gave me "Error: WAN MTU" when
I
> changed that value. CHecking manuals for explanation on that one.
>
> AJ
> "Leythos" wrote in message
> news:pan.2005.03.07.19.05.34.970786@nowhere.lan...
> > On Mon, 07 Mar 2005 14:02:44 -0500, Andrew Jones wrote:
> >>
> >> Currently I have MTU set to fragment
> >> outbound packets larger then WAN MTU which is set to 1500.
> >
> > Set your MTU to 1430 and see if that makes any difference.
> >
> > --
> > spam999free@rrohio.com
> > remove 999 in order to email me
> >


You probably have already done this, but you should make sure you are
using the latest firmware. Also there is no need to have the WAN set
at 100, 10 should be fine. Your internet is only capable of 1.5.

Re: Sonicwall Problem

Hi,

The SonicWALL currently only accepts MTU increments of 8 (1500, 1492,
1484, 1476, .. 1436, 1428, ...)

joe

SpiritBoy wrote:
> Andrew Jones wrote:
> > Sonicwall didn't seem to like that ... gave me "Error: WAN MTU"
when
> I
> > changed that value. CHecking manuals for explanation on that one.
> >
> > AJ
> > "Leythos" wrote in message
> > news:pan.2005.03.07.19.05.34.970786@nowhere.lan...
> > > On Mon, 07 Mar 2005 14:02:44 -0500, Andrew Jones wrote:
> > >>
> > >> Currently I have MTU set to fragment
> > >> outbound packets larger then WAN MTU which is set to 1500.
> > >
> > > Set your MTU to 1430 and see if that makes any difference.
> > >
> > > --
> > > spam999free@rrohio.com
> > > remove 999 in order to email me
> > >
>
>
> You probably have already done this, but you should make sure you are
> using the latest firmware. Also there is no need to have the WAN set
> at 100, 10 should be fine. Your internet is only capable of 1.5.