Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
225
Views
0
Helpful
1
Replies

IPSEC tunnel over DSL traffic dropped or stripped

davidbuit
Level 1
Level 1

‎02-15-2007 04:12 PM - edited ‎03-03-2019 03:47 PM

I have an IPSEC between a pix 506 and an ASA5510. The tunnel is over DSL links and there is a problem with traffic not going through correctly. Initially I was trying to get a server remotely to join the domain across the VPN but this was timing out. I adjusted the MTU on the outside interfaces of the firewall to 1360 so that the IPSEC SA would negotiate 1360 MTU and this then enabled the server to join the domain but I am still experiencing problems where traffic appears to be dropping or packets getting stripped. I have tried to implement Exindas between the two sites to accelerate the traffic but initially these couldn't even talk to each other until I modified the MTU as above. The PIX 506 terminate the DSL line using PPPoE and at the remote site there is an 877 that terminates the line and then connects to the ASA.

I have also tried to use DES as apposed to AES but this has not effect.

Any ideas or thought most appreciated!

Labels:
0 Helpful
1 Reply 1

davidbuit
Level 1
Level 1

‎02-15-2007 05:21 PM

Further to this, I have tried to use ip tcp adjust-mss on the VLAN interface on the 877 but as this is after the tunnel it has no effect.

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card