Small breaks

Hi,

I have a PIX 515 with 6 Ethernet ports and I have a big problem. I get a lot of small breaks while working on the internet. For example: when I am working at home, remote desktop hangs up for a few seconds; the same problem occurs when I am using a web browser to see sites. During this time VPN works fine, pings are OK too, and downloading from the internet is very fast and stable. What's wrong in my conf?

: Saved
: Written by enable_15 at 22:47:25.769 CEST Sat Dec 16 2006
!
PIX Version 7.2(1)
!
hostname pix
domain-name domain.com
enable password * encrypted
names
!
interface Ethernet0
 description Global network
 nameif outside
 security-level 0
 ip address 204.69.70.2 255.255.255.0
!
interface Ethernet1
 description Lan network
 nameif inside
 security-level 100
 ip address 10.1.10.1 255.255.0.0
!
interface Ethernet2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet3
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet4
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Ethernet5
 shutdown
 no nameif
 no security-level
 no ip address
!
passwd snIdTT.427CBQDcl encrypted
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns server-group DefaultDNS
 domain-name domain.com
access-list lan extended permit icmp 10.1.0.0 255.255.0.0 any
access-list lan extended permit ip 10.1.0.0 255.255.0.0 any
access-list ipsec extended permit ip 10.1.0.0 255.255.0.0 10.100.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.100.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.101.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.102.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.103.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.104.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.105.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.106.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.107.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.108.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.109.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.110.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.111.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.112.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.113.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.114.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.115.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.3.0.0 255.255.0.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.4.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 10.5.0.0 255.255.255.0
access-list nonat extended permit ip 10.1.0.0 255.255.0.0 192.168.0.0 255.255.255.0
access-list ipsec1 extended permit ip 10.1.0.0 255.255.0.0 10.101.0.0 255.255.255.0
access-list ipsec2 extended permit ip 10.1.0.0 255.255.0.0 10.102.0.0 255.255.255.0
access-list ipsec3 extended permit ip 10.1.0.0 255.255.0.0 10.103.0.0 255.255.255.0
access-list ipsec14 extended permit ip 10.1.0.0 255.255.0.0 10.114.0.0 255.255.255.0
access-list ipsec13 extended permit ip 10.1.0.0 255.255.0.0 10.113.0.0 255.255.255.0
access-list ipsec12 extended permit ip 10.1.0.0 255.255.0.0 10.112.0.0 255.255.255.0
access-list ipsec11 extended permit ip 10.1.0.0 255.255.0.0 10.111.0.0 255.255.255.0
access-list ipsec10 extended permit ip 10.1.0.0 255.255.0.0 10.110.0.0 255.255.255.0
access-list ipsec9 extended permit ip 10.1.0.0 255.255.0.0 10.109.0.0 255.255.255.0
access-list ipsec8 extended permit ip 10.1.0.0 255.255.0.0 10.108.0.0 255.255.255.0
access-list ipsec7 extended permit ip 10.1.0.0 255.255.0.0 10.107.0.0 255.255.255.0
access-list ipsec6 extended permit ip 10.1.0.0 255.255.0.0 10.106.0.0 255.255.255.0
access-list ipsec5 extended permit ip 10.1.0.0 255.255.0.0 10.105.0.0 255.255.255.0
access-list ipsec4 extended permit ip 10.1.0.0 255.255.0.0 10.104.0.0 255.255.255.0
access-list ipsec15 extended permit ip 10.1.0.0 255.255.0.0 10.115.0.0 255.255.255.0
access-list ipsec16 extended permit ip 10.1.0.0 255.255.0.0 10.3.0.0 255.255.0.0
access-list ipsec17 extended permit ip 10.1.0.0 255.255.0.0 10.4.0.0 255.255.255.0
access-list ipsec18 extended permit ip 10.1.0.0 255.255.0.0 10.5.0.0 255.255.255.0
access-list ipsec19 extended permit ip 10.1.0.0 255.255.0.0 192.168.0.0 255.255.255.0
access-list smtp extended permit tcp any host 204.69.70.10 eq smtp
access-list smtp extended permit tcp any host 204.69.70.10 eq www
access-list smtp extended permit tcp any host 204.69.70.10 eq https
access-list smtp extended permit tcp any host 204.69.70.10 eq 54800
access-list smtp extended permit tcp any host 204.69.70.10 eq 54855
access-list smtp extended permit tcp any host 204.69.70.10 eq 19760
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
no failover
asdm image flash:/asdm521.bin
no asdm history enable
arp timeout 14400
global (outside) 1 204.69.70.100-204.69.70.200
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp 204.69.70.10 smtp 10.1.10.2 smtp netmask 255.255.255.255
static (inside,outside) tcp 204.69.70.10 www 10.1.1.11 www netmask 255.255.255.255
static (inside,outside) tcp 204.69.70.10 https 10.1.1.1 https netmask 255.255.255.255
static (inside,outside) tcp 204.69.70.10 54800 10.1.14.35 3389 netmask 255.255.255.255
static (inside,outside) tcp 204.69.70.10 54855 10.1.1.8 3389 netmask 255.255.255.255
static (inside,outside) tcp 204.69.70.10 19760 10.1.14.1 3389 netmask 255.255.255.255
static (inside,outside) 204.69.70.10 10.1.1.1 netmask 255.255.255.255
access-group smtp in interface outside
access-group lan in interface inside
route outside 0.0.0.0 0.0.0.0 204.69.70.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 10.1.0.0 255.255.0.0 inside
snmp-server host inside 10.1.1.3 community public
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set vpn_set esp-des esp-md5-hmac
crypto ipsec security-association lifetime seconds 3600
crypto map mapa_vpn 1 match address ipsec
crypto map mapa_vpn 1 set pfs
crypto map mapa_vpn 1 set peer x.x.x.x
crypto map mapa_vpn 1 set transform-set vpn_set
crypto map mapa_vpn 1 set security-association lifetime seconds 28800
crypto map mapa_vpn 1 set nat-t-disable
crypto map mapa_vpn 2 match address ipsec1
crypto map mapa_vpn 2 set pfs
crypto map mapa_vpn 2 set peer x.x.x.x
crypto map mapa_vpn 2 set transform-set vpn_set
crypto map mapa_vpn 2 set security-association lifetime seconds 28800
crypto map mapa_vpn 2 set nat-t-disable
crypto map mapa_vpn 3 match address ipsec2
crypto map mapa_vpn 3 set pfs
crypto map mapa_vpn 3 set peer x.x.x.x
crypto map mapa_vpn 3 set transform-set vpn_set
crypto map mapa_vpn 3 set security-association lifetime seconds 28800
crypto map mapa_vpn 3 set nat-t-disable
crypto map mapa_vpn 4 match address ipsec3
crypto map mapa_vpn 4 set pfs
crypto map mapa_vpn 4 set peer x.x.x.x
crypto map mapa_vpn 4 set transform-set vpn_set
crypto map mapa_vpn 4 set security-association lifetime seconds 28800
crypto map mapa_vpn 4 set nat-t-disable
crypto map mapa_vpn 5 match address ipsec4
crypto map mapa_vpn 5 set pfs
crypto map mapa_vpn 5 set peer x.x.x.x
crypto map mapa_vpn 5 set transform-set vpn_set
crypto map mapa_vpn 5 set security-association lifetime seconds 28800
crypto map mapa_vpn 5 set nat-t-disable
crypto map mapa_vpn 6 match address ipsec5
crypto map mapa_vpn 6 set pfs
crypto map mapa_vpn 6 set peer x.x.x.x
crypto map mapa_vpn 6 set transform-set vpn_set
crypto map mapa_vpn 6 set security-association lifetime seconds 28800
crypto map mapa_vpn 6 set nat-t-disable
crypto map mapa_vpn 7 match address ipsec6
crypto map mapa_vpn 7 set pfs
crypto map mapa_vpn 7 set peer x.x.x.x
crypto map mapa_vpn 7 set transform-set vpn_set
crypto map mapa_vpn 7 set security-association lifetime seconds 28800
crypto map mapa_vpn 7 set nat-t-disable
crypto map mapa_vpn 8 match address ipsec7
crypto map mapa_vpn 8 set pfs
crypto map mapa_vpn 8 set peer x.x.x.x
crypto map mapa_vpn 8 set transform-set vpn_set
crypto map mapa_vpn 8 set security-association lifetime seconds 28800
crypto map mapa_vpn 8 set nat-t-disable
crypto map mapa_vpn 9 match address ipsec8
crypto map mapa_vpn 9 set pfs
crypto map mapa_vpn 9 set peer x.x.x.x
crypto map mapa_vpn 9 set transform-set vpn_set
crypto map mapa_vpn 9 set security-association lifetime seconds 28800
crypto map mapa_vpn 9 set nat-t-disable
crypto map mapa_vpn 10 match address ipsec9
crypto map mapa_vpn 10 set pfs
crypto map mapa_vpn 10 set peer x.x.x.x
crypto map mapa_vpn 10 set transform-set vpn_set
crypto map mapa_vpn 10 set security-association lifetime seconds 28800
crypto map mapa_vpn 10 set nat-t-disable
crypto map mapa_vpn 11 match address ipsec10
crypto map mapa_vpn 11 set pfs
crypto map mapa_vpn 11 set peer x.x.x.x
crypto map mapa_vpn 11 set transform-set vpn_set
crypto map mapa_vpn 11 set security-association lifetime seconds 28800
crypto map mapa_vpn 11 set nat-t-disable
crypto map mapa_vpn 12 match address ipsec11
crypto map mapa_vpn 12 set pfs
crypto map mapa_vpn 12 set peer x.x.x.x
crypto map mapa_vpn 12 set transform-set vpn_set
crypto map mapa_vpn 12 set security-association lifetime seconds 28800
crypto map mapa_vpn 12 set nat-t-disable
crypto map mapa_vpn 13 match address ipsec12
crypto map mapa_vpn 13 set pfs
crypto map mapa_vpn 13 set peer x.x.x.x
crypto map mapa_vpn 13 set transform-set vpn_set
crypto map mapa_vpn 13 set security-association lifetime seconds 28800
crypto map mapa_vpn 13 set nat-t-disable
crypto map mapa_vpn 14 match address ipsec13
crypto map mapa_vpn 14 set pfs
crypto map mapa_vpn 14 set peer x.x.x.x
crypto map mapa_vpn 14 set transform-set vpn_set
crypto map mapa_vpn 14 set security-association lifetime seconds 28800
crypto map mapa_vpn 14 set nat-t-disable
crypto map mapa_vpn 15 match address ipsec14
crypto map mapa_vpn 15 set pfs
crypto map mapa_vpn 15 set peer x.x.x.x
crypto map mapa_vpn 15 set transform-set vpn_set
crypto map mapa_vpn 15 set security-association lifetime seconds 28800
crypto map mapa_vpn 15 set nat-t-disable
crypto map mapa_vpn 16 match address ipsec15
crypto map mapa_vpn 16 set pfs
crypto map mapa_vpn 16 set peer x.x.x.x
crypto map mapa_vpn 16 set transform-set vpn_set
crypto map mapa_vpn 16 set security-association lifetime seconds 28800
crypto map mapa_vpn 16 set nat-t-disable
crypto map mapa_vpn 17 match address ipsec16
crypto map mapa_vpn 17 set pfs
crypto map mapa_vpn 17 set peer x.x.x.x
crypto map mapa_vpn 17 set transform-set vpn_set
crypto map mapa_vpn 17 set security-association lifetime seconds 28800
crypto map mapa_vpn 17 set nat-t-disable
crypto map mapa_vpn 18 match address ipsec18
crypto map mapa_vpn 18 set pfs
crypto map mapa_vpn 18 set peer x.x.x.x
crypto map mapa_vpn 18 set transform-set vpn_set
crypto map mapa_vpn 18 set security-association lifetime seconds 28800
crypto map mapa_vpn 18 set nat-t-disable
crypto map mapa_vpn 19 match address ipsec17
crypto map mapa_vpn 19 set pfs
crypto map mapa_vpn 19 set peer x.x.x.x
crypto map mapa_vpn 19 set transform-set vpn_set
crypto map mapa_vpn 19 set security-association lifetime seconds 28800
crypto map mapa_vpn 19 set nat-t-disable
crypto map mapa_vpn 20 match address ipsec19
crypto map mapa_vpn 20 set pfs
crypto map mapa_vpn 20 set peer x.x.x.x
crypto map mapa_vpn 20 set transform-set vpn_set
crypto map mapa_vpn 20 set security-association lifetime seconds 28800
crypto map mapa_vpn 20 set nat-t-disable
crypto map mapa_vpn interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 1
 authentication pre-share
 encryption des
 hash md5
 group 1
 lifetime 28800
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
 pre-shared-key *
telnet 10.1.0.0 255.255.0.0 inside
telnet timeout 5
ssh 10.1.0.0 255.255.0.0 inside
ssh timeout 5
console timeout 0
management-access inside
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect esmtp
  inspect http
  inspect ftp
  inspect icmp
  inspect dns
!
service-policy global_policy global
wccp web-cache
wccp interface inside web-cache redirect in
prompt hostname context
Cryptochecksum:29edf32a2e110c561782f057f0231ba1
: end

seweryn

Your issue may arise due to a speed mismatch between connected interfaces (PIX Firewall and another device).

The cause of this issue can also be a faulty cable or interface.

In order to resolve this issue:

  1. Check the collisions and the packets dropped on the PIX interface (connected to the modem) using the show interface command.

  2. Check the cyclic redundancy check (CRC) and runts received on an interface in order to determine if there are any packet collisions on the PIX Firewall interface.

     If these values are high, check the speed specified on the PIX interface.

  3. You may need to replace the cable.

  4. Check the speed and the interface status on the connected device.

Refer to the show interface section of Monitoring PIX Performance for more information.

Hope this helps.

Brad Reese

www.BradReese.Com
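
The counter check described in the answer above, as an added example that is not part of the original thread: it parses `show interface` text and flags CRC errors, runts and collisions relative to traffic volume. The sample output is constructed (its layout is assumed to match PIX 7.x output), and the 0.1 % threshold and function names are assumptions.

```python
import re

# Constructed sample modelled on PIX 7.x "show interface" output; counters are invented.
SAMPLE = """\
Interface Ethernet0 "outside", is up, line protocol is up
        Auto-Duplex(Half-duplex), Auto-Speed(100 Mbps)
        184220 packets input, 120331452 bytes, 0 no buffer
        Received 310 broadcasts, 412 runts, 0 giants
        2977 input errors, 2565 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
        171033 packets output, 40219877 bytes, 0 underruns
        0 output errors, 5310 collisions, 0 interface resets
Interface Ethernet1 "inside", is up, line protocol is up
        Full-Duplex(Full-duplex), 100 Mbps(100 Mbps)
        201877 packets input, 44120993 bytes, 0 no buffer
        Received 1204 broadcasts, 0 runts, 0 giants
        0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
        190441 packets output, 131002114 bytes, 0 underruns
        0 output errors, 0 collisions, 0 interface resets
"""

COUNTERS = ("packets input", "packets output", "runts", "CRC", "collisions")
MAX_ERROR_RATIO = 0.001  # assumed threshold: 0.1 % of packets; tune per site

def parse_show_interface(text):
    """Return {nameif: {"duplex": ..., counter: int, ...}} per interface block."""
    parsed = {}
    for block in re.split(r"(?m)^(?=Interface )", text):
        head = re.match(r'Interface \S+ "([^"]*)"', block)
        if not head:
            continue  # text before the first interface header
        duplex = re.search(r"\((Half|Full)-duplex\)", block)
        stats = {"duplex": duplex.group(1).lower() if duplex else "unknown"}
        for name in COUNTERS:
            hit = re.search(r"\b(\d+) " + re.escape(name) + r"\b", block)
            stats[name] = int(hit.group(1)) if hit else 0
        parsed[head.group(1)] = stats
    return parsed

def findings(stats):
    """Flag the counters the answer says to check, relative to traffic volume."""
    issues = []
    for name, base in (("CRC", "packets input"), ("runts", "packets input"),
                       ("collisions", "packets output")):
        if stats[name] / max(stats[base], 1) > MAX_ERROR_RATIO:
            issues.append(f"high {name}: {stats[name]} per {stats[base]} {base}")
    if issues and stats["duplex"] == "half":
        issues.append("half-duplex negotiated: compare speed/duplex with the peer device")
    return issues
```

Calling `findings(parse_show_interface(SAMPLE)["outside"])` lists the problem counters for the outside interface; an interface with clean counters returns an empty list.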
