- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Intrusion detection and prevention
I have the MX100 white papers state this is a 750mb Router. although I can get speeds in the high 800's usually 850x850. Recently all my speeds went down to 350x350 and the only way to get back to my 800 ish speeds is to completely disable "Intrusion detection and prevention" I would like to know if anyone else has noticed recent slowdowns like maybe the Rules have changed. My MX100 should perform 650mb speeds with all Rules enabled but this is no longer the case. I even Tested another MX100 only to see similar results.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have seen this at mx67/68 moving to fw 16 to 17. From 800 > 200
Are you running 17.x firmware?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Running 17.6, When we got the 1gb service our speeds were fine for about a month, then I noticed the slowdown thinking it was ISP issue I had them come over and test, and it was not their side of things. took bit of time to figure out it was the rules, although they have been in place for year only recently it slow down my network.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Is the mode set to Prevention or Detection?
2. Is the ruleset set to Connectivity Balanced or Security?
Have you tested throughput among the various ruleset settings?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have tried every combination, currently, it's Prevention/Connectivity, I thought detection / balanced would help but the only way to get anything over 350x350 is to disable it. Even the White Paper KB says the router should do 650MB with all rules enabled. This is not the case for us here.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I experienced a similar issue with the MX67C after upgrading to MX 17.6: https://community.meraki.com/t5/Security-SD-WAN/WAN-throughput-on-MX67C-running-MX-17-6-firmware/m-p...
Some others with similar hardware/firmware setups chimed in that they were not experiencing the same issue, so it doesn't seem to affect all instances of MX 17.6.
I eventually gave up because WAN link is the bottleneck at all our production sites.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are experiencing the same issue, except ours seems to have started with the upgrade to 16.15 (currently on 16.16.5 with no resolution)
When we disable Intrusion detection and prevention, speed tests show 1 - 1.2 Gbps. When it is enabled with any combination of settings, speed tests go down to around 350 x 350 Mbps. Previously IDP would have some minor effect, but we'd get in the 800 - 900 Mbps range.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same issue with 2 x MX100 with firmware 17.8
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The same problem here.
IDS/IPS on = 364x364
IDS/IPS off = 930x930
This is unacceptable!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Really? You could try the same on Fortinet and be stoked by the sub-par deliverables. 😉
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just to recap on this Thread, the issue was Memory Utilization in my case only solution was to update the router to next model up. We are up and running again.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for sharing, did you have to many users to the model you we're using?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No usage was low about 55 endpoints only less than 15 users. We utilize larger Routers only because our backend internet connection was 1GB.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I been troubleshooting this issue because I was seeing slow speed at the core sw and MX100. With each new firmware on 16 and 17, throughput is getting less and less. From speaking with meraki support, there might be bug/issue with IDS. I have tried multiple setting on IDS and still limited from 180mbs to around 300mbs. This issue can be address by adding a layer 3 sw and limit what the FW needs to do. This also effects inter-vlan routing. Currently running IDS turned off.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Experiencing the same issue since May, no resolution in sight.