We are running Dynamics CRM on premise 2011, and are in the process of upgrading to 2015. There is significant existing custom development work that hits the 2007 end point, which will need to be upgraded before upgrading CRM server. 

My new application uses OrganizationServiceProxy to query the 2011 endpoint. I was able to publish and run it from an internal web server, and it works as expected. 

When publishing the same application to a internet facing server, I am running into significant performance problems. Some pages take several minutes to load. 

I built up a test page to isolate a single query that uses the following code. 

-----------------------------

ClientCredentials credentials = new ClientCredentials();
var startTime = DateTime.Now;
credentials.UserName.UserName = @"domain\username";
credentials.UserName.Password = "password";
Uri serviceUri = new Uri("url");

string entityname = "account"; 

string accountid = ID Guid
var proxy = new OrganizationServiceProxy(serviceUri, null, credentials, null);

proxy.EnableProxyTypes();
var entity = proxy.Retrieve(entityname, new Guid(accountid), new ColumnSet(true));

var entityMessage = entity.GetAttributeValue<string>("name");

----------------------------------------

The above runs in roughly 0.1 seconds on the internal web server, and about 15 seconds from the DMZ. Our CRM server is not internet facing and sits on the internal network. 

I have run this by the networking, server admin, and security teams. None of them are able to find a cause of the problem. The firewall port to the CRM service endpoint is open on both the client firewall and the firewall between DMZ and internal network.

Some things we tried

- They were able to put a trace on the DMZ firewall and found no blocked requests.

- I have replaced the domain names in the URL with IP addresses, to bypass any issues with DNS.

- We set up WireShark and ran tracing on the request. There appears to be a 15 second gap between the requests, but I can't find out the cause of it. 

- We temporarily moved the DMZ web server to the internal network to see if it made a difference. This server performed similarly to the internal server while it was on network. 

- Security team checked McAfee logs to determine that there was no traffic blocked

I am wondering if anyone has run into this issue or something similar, and if there is a way forward from here. The 15 seconds per query is not an acceptable wait time, especially because the site will be used by customers. 

Thank you 

John Cramer