Posted 2018-05-07 17:39:54, original poster
Testing on the China Telecom line, upload is about 80M before the firewall, but only 25M when tested behind the firewall. I rarely configure firewalls, so I don't know much about this. I haven't set any limit on the upstream direction. The firewall is an Eudemon1000E.

```
*********************************************************
*           All rights reserved (2008-2010)             *
*       Without the owner's prior written consent,      *
*no decompiling or reverse-engineering shall be allowed.*
*********************************************************

Login authentication

Username:fhq1
Password:
Note: The max number of VTY users is 5, and the current number of VTY users on line is 1.
NOTICE:This is a private communication system.
Unauthorized access or use may lead to prosecution.
17:18:07 2018/05/07
Password:
Now user privilege is 3 level, and only those commands whose level is equal to or less than this level can be used.
Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE
17:18:11 2018/05/07
Enter system view , return user view with Ctrl+Z.
[bfd]dis cur
17:18:12 2018/05/07
#
license file flash:/lic1932229-a3cddce705c3b_eudemon1000e.dat
#
ip address-set a
#
acl number 2001
acl number 2500
#
acl number 3001
 rule 2 permit ip source 172.21.80.0 0.0.0.255
 rule 3 permit ip source 192.168.0.0 0.0.255.255
 rule 5 permit gre
 rule 6 permit ip source 172.21.88.0 0.0.7.255
 rule 7 permit ip source 173.10.0.0 0.0.255.255
 rule 8 permit icmp
 rule 15 permit tcp
 rule 20 permit ip
acl number 3002
 rule 0 permit ip destination 172.21.80.0 0.0.0.255
 rule 4 permit gre destination 172.21.80.0 0.0.0.255
 rule 7 permit ip destination 172.21.88.0 0.0.7.255
 rule 8 permit gre destination 172.21.88.0 0.0.7.255
 rule 9 permit ip destination 173.10.0.0 0.0.255.255
 rule 10 permit gre destination 173.10.0.0 0.0.255.255
acl number 3003
 rule 1 permit ip source 192.168.0.0 0.0.255.255
 rule 3 permit ip source 172.21.80.0 0.0.0.255
 rule 6 permit ip source 172.21.88.0 0.0.7.255
 rule 7 permit ip source 173.10.0.0 0.0.255.255
 rule 15 permit tcp
 rule 20 permit ip
#
sysname bfd
#
super password level 3 cipher FBI$OR/JA[Q=^Q`MAF4<1!!
#
web-manager security enable
#
l2tp enable
#
firewall packet-filter default permit interzone local trust direction inbound
firewall packet-filter default permit interzone local trust direction outbound
firewall packet-filter default permit interzone local untrust direction inbound
firewall packet-filter default permit interzone local untrust direction outbound
firewall packet-filter default permit interzone local dmz direction inbound
firewall packet-filter default permit interzone local dmz direction outbound
firewall packet-filter default permit interzone local vzone direction inbound
firewall packet-filter default permit interzone local vzone direction outbound
firewall packet-filter default permit interzone trust untrust direction inbound
firewall packet-filter default permit interzone trust untrust direction outbound
firewall packet-filter default permit interzone trust dmz direction inbound
firewall packet-filter default permit interzone trust dmz direction outbound
firewall packet-filter default permit interzone trust vzone direction inbound
firewall packet-filter default permit interzone trust vzone direction outbound
firewall packet-filter default permit interzone dmz untrust direction inbound
firewall packet-filter default permit interzone dmz untrust direction outbound
firewall packet-filter default permit interzone untrust vzone direction inbound
firewall packet-filter default permit interzone untrust vzone direction outbound
firewall packet-filter default permit interzone dmz vzone direction inbound
firewall packet-filter default permit interzone dmz vzone direction outbound
#
nat address-group 1 222.208.119.158 222.208.119.158
nat server protocol tcp global 222.208.119.158 3389 inside 172.21.80.234 3389
nat server protocol tcp global 222.208.119.158 8001 inside 172.21.80.39 8001
nat server protocol tcp global 222.208.119.158 81 inside 172.21.80.39 81
nat server protocol tcp global 222.208.119.158 8081 inside 172.21.80.246 8081
nat server protocol tcp global 222.208.119.158 500 inside 172.21.80.246 500
nat server protocol udp global 222.208.119.158 500 inside 172.21.80.246 500
nat server protocol udp global 222.208.119.158 4500 inside 172.21.80.246 4500
nat server protocol tcp global 222.208.119.158 47 inside 172.21.80.13 47
nat server protocol tcp global 222.208.119.158 pptp inside 172.21.80.13 pptp
#
firewall blacklist aging-time login-failed 60
firewall blacklist enable
firewall blacklist item 124.47.117.77
#
firewall defend port-scan enable
firewall defend port-scan max-rate 5000
firewall defend port-scan blacklist-timeout 60
#
firewall statistic system enable
firewall car-class 1 100000000
firewall car-class 2 100000000
firewall conn-class 1 1300
firewall conn-class 2 300
#
traffic classifier a1
 if-match acl 3003
#
traffic behavior b1
 car cir 2000000 cbs 1000000 ebs 0
#
qos policy c1
 classifier a1 behavior b1
#
dhcp server ip-pool 1
#
dhcp server ip-pool 35
#
dhcp server ip-pool 499
 network 192.168.99.0 mask 255.255.255.0
 gateway-list 192.168.99.254
 dns-list 61.139.2.69
 expired unlimited
#
interface Virtual-Template1
 ppp authentication-mode pap
 ip address 192.168.80.1 255.255.255.0
 remote address pool 1
#
interface GigabitEthernet0/0/0
 ip address 222.208.119.158 255.255.255.192
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/2.200
 vlan-type dot1q 1
 descripqion 5300-2_0/0/24_bangong
 ip address 172.21.80.254 255.255.255.0
#
interface GigabitEthernet0/0/2.499
 vlan-type dot1q 499
 ip address 192.168.99.254 255.255.255.0
#
interface GigabitEthernet0/0/3
 descripqion 5300-1
#
interface GigabitEthernet0/0/3.88
 vlan-type dot1q 88
 descripqion 5300-1
 ip address 172.21.88.1 255.255.248.0
#
interface GigabitEthernet0/0/3.100
 vlan-type dot1q 100
 descripqion 5300-1
 ip address 192.168.1.1 255.255.255.0
 ip address 192.168.100.1 255.255.255.0 sub
#
interface NULL0
#
firewall zone local
 set priority 100
#
firewall zone trust
 set priority 85
 add interface GigabitEthernet0/0/2
 add interface Virtual-Template1
 add interface GigabitEthernet0/0/2.200
 add interface GigabitEthernet0/0/2.499
 add interface GigabitEthernet0/0/3.88
 add interface GigabitEthernet0/0/3.100
 statistic enable ip inzone
 statistic enable ip outzone
 statistic connect-number ip tcp inbound 1 acl-number 3001
 statistic connect-number ip tcp outbound 2 acl-number 3001
 statistic car ip inbound 1 acl-number 3001
 statistic car ip outbound 2 acl-number 3001
#
firewall zone untrust
 set priority 5
 add interface GigabitEthernet0/0/0
#
firewall zone dmz
 set priority 50
#
firewall zone vzone
 set priority 0
#
firewall interzone trust untrust
 packet-filter 3002 inbound
 packet-filter 3001 outbound
 nat outbound 3001 address-group 1
 detect pptp
#
aaa
 local-user fhq1 password cipher FBI$OR/JA[Q=^Q`MAF4<1!!
 local-user fhq1 service-type telnet
 ip pool 80 172.21.80.40 172.21.80.50
 #
 authentication-scheme default
 #
 authorization-scheme default
 #
 accounting-scheme default
 #
 domain default
  binding virtual-template 1
  user-priority 7 acl-number 2001
 domain test
  web-server 172.21.80.224
  ip pool 1 172.21.80.240 172.21.80.250
 #
#
right-manager server-group
#
slb
#
ip route-static 0.0.0.0 0.0.0.0 222.208.119.129
ip route-static 172.21.88.0 255.255.248.0 192.168.100.2
ip route-static 192.168.0.0 255.255.0.0 192.168.100.2
ip route-static 192.168.100.0 255.255.255.0 192.168.100.2
ip route-static 192.168.199.0 255.255.255.0 172.21.80.253
ip route-static 192.168.200.0 255.255.255.0 172.21.80.253
#
user-interface con 0
 authentication-mode password
 set authentication password simple 19841121a
 history-command max-size 0
user-interface vty 0 4
 authentication-mode aaa
#
return
[bfd]
```
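One way to triage a `dis cur` dump like the one posted above, as an added example that is not part of the original post and not vendor tooling: it lists the statements that cap bandwidth or connections alongside settings that widen exposure, each with the view it sits in. The rule set, the `audit` function and the sample lines (documentation addresses, placeholder credentials) are assumptions constructed for illustration in the same syntax as the posted configuration.

```python
import re

# Constructed sample in the posted config's syntax (documentation addresses, placeholder secrets).
SAMPLE = """\
firewall packet-filter default permit interzone trust untrust direction inbound
nat server protocol tcp global 203.0.113.10 3389 inside 10.0.0.5 3389
firewall car-class 2 100000000
#
traffic behavior b1
 car cir 2000000 cbs 1000000 ebs 0
#
interface Virtual-Template1
 ppp authentication-mode pap
#
firewall zone trust
 statistic car ip outbound 2 acl-number 3001
#
aaa
 local-user admin1 service-type telnet
#
user-interface con 0
 set authentication password simple EXAMPLE-ONLY
"""

# (category, label, pattern): this rule set is an assumption of the example.
RULES = [
    ("exposure", "default-permit interzone filter", r"^firewall packet-filter default permit\b"),
    ("exposure", "RDP published through NAT", r"^nat server protocol tcp global \S+ 3389\b"),
    ("exposure", "cleartext password in config", r"\bpassword simple\b"),
    ("exposure", "telnet management", r"\bservice-type telnet\b"),
    ("exposure", "PAP authentication", r"\bauthentication-mode pap\b"),
    ("rate-limit", "CAR / connection limit",
     r"^(car cir|firewall (car|conn)-class|statistic (car|connect-number))\b"),
]

def audit(config):
    """Return (line_no, section, category, label, text) for each flagged line."""
    findings, section = [], ""
    for no, raw in enumerate(config.splitlines(), 1):
        text = raw.strip()
        if not text or text == "#":
            continue
        if not raw.startswith(" "):
            section = text  # an unindented line opens a view, e.g. "firewall zone trust"
        for category, label, pattern in RULES:
            if re.search(pattern, text):
                findings.append((no, section, category, label, text))
    return findings

for row in audit(SAMPLE): print(*row, sep=" | ")
```

The section column matters for the rate-limit hits: a `car` statement only takes effect where its behavior, policy or zone is actually applied, so each hit needs to be traced to its binding before concluding it is the cause of a throughput drop.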
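Posted 2018-05-07 19:01:52, reply #1
Lanzhou shaobing
Posted 2018-05-07 21:10:38, reply #2
Damn, I actually read the whole thing
Posted 2018-05-07 22:42:19, reply #3
Once you enter 星空(中国), it runs deep as water; from then on, integrity is a stranger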