Firewall Wizards mailing list archives
Fragmentation over VPN
From: "Alex" <anobre1 () gmail com>
Date: Thu, 8 Mar 2007 12:35:24 -0500
Hi everyone, First time poster here (as if anyone cared <g>). I have this scenario: Three offices need to connect via IPSec (L2L) and each also runs EZVPN server for clients to connect to. There is a 506E, and ASA5510 and an ISR 1801W. The configuration for the 506E and ASA5510 were easy enough and everything is working fine. On the 1801 is a different story. I get the SA's done with no problems, but then no other traffic flows through and I suspect this has to do with fragmentation. On the outside interface (Dialer1), I have "mtu 1492" and on the inside (VLAN1) I have "ip tcp adjust-mss 1452". Everyone behind the device can browse the internet without any problems (yes, PAT). Can some kind soul please provide some ideas on how to get around it? Much appreciated. Alex. _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Fragmentation over VPN Alex (Mar 10)
- Re: Fragmentation over VPN kevin horvath (Mar 12)