we upgraded from v6.5R4.1 to v7.0R1.0 last thursday and "all" seemed OK until yesterday. Since yesterday we have VERY weak performance on ALL SSLVPN features (Login, Terminal Services, Network Connect, IVE Rewriting).
It is a SA2500 Cluster. I already rebooted the entire cluster. The behavior exists on both nodes.
We are also loosing pings to the interfaces of the both nodes, the switch envirotment is fine.
Anyone having similar problems with 7.0?
I know you've asserted that you're switch environment is fine but the evidence you present does suggest factors outside the SAs, especially given that it was all working fine for most of a week and both members are behaving the same way. Certainly no issues here with our 7.0 units, although I confess I don't have a cluster.
Questions I'd be asking and checking would be:-
What's the CPU usage on the cluster members?
Are you seeing slowdowns accessing the admin interface?
Are the stats on System->Network->Overview clean?
Have you checked all the counters/stats on your switch ports (that connect to the SAs, and to the devices acting as default gateways, if not the switches themselves)?
Any ARP clashes, particularly for the internal and external default gateways configured on your SAs?
Are you sure you have no loops in the network?
Have you checked all the infrastructure between you and the SAs or between the SAs and the environment where your target services are?
I'm guessing that's ground you've explored in detail already however...
Good luck - it'll be interesting to know what the issue was once you do nail it down.
i agree with untruenorth, my upgrade to 7.0 drastically improved our performance. we are however running an SA4500, not sure what specs are for those devices.