Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
422
Views
0
Helpful
2
Replies

No Windows Filesharing - 1811 and EasyVPN

davidcb
Level 1
Level 1

‎02-15-2007 08:48 PM - edited ‎03-09-2019 05:24 PM

I am working with my first Cisco device, an 1811 Integrated Services Router running IOS 12.4 (as far as I recall) and configured through SDM. I've got the EasyVPN setup and connected. This is on a test network right now, all Ethernet, not going through any ISP. My machines can connect with the VPN, ping each other and TFTP traffic passes as a test of general data communication. All of that works. However, when I try windows filesharing stuff like the "net use" command or mapping a drive, I cannot get any data to flow.

I am new to IOS and am totally unfamiliar with where to look to troubleshoot this problem. I've tried adding different types of ACL's to the unit through SDM to try and work around this but they don't seem to change anything.

Cisco is statically set to 192.168.5.5 for its fe0 interface

LAN IP (VLAN1): 192.168.2.1

LAN DHCP Pool: 192.168.2.100-200

VPN Pool: 192.168.3.1-20

ACL is setup to allow traffic between them as far as I can tell.

LAN IP of test pc: 192.168.2.100

Remote computer is behind a firewall with an external IP of 192.168.5.102

LAN IP of this router: 192.168.12.1

LAN IP of pc: 192.168.12.53

VPN IP (when established): 192.168.3.1

Pings from a laptop on 192.168.2.100 can hit 192.168.3.1 (remote computer). The remote computer can TFTP a file over to a machine behind the VPN. No windows file traffic (SMB) travesl between them so far as I can see.

I have attached my config:

Labels:
Preview file
13 KB
0 Helpful
2 Replies 2

davidcb
Level 1
Level 1

‎02-25-2007 03:35 PM

I've looked into this some more with packet captures and pings between the machines and now I see that it is an MTU issue between the two devices. I have not explicitly set any MTU settings on this device and the maximum packet size that will go through is 1300 bytes (1270 ping + 30 byte overhead for ICMP according to Ethereal).

When pinging from a machine inside the LAN, I do NOT receive a "packet must be fragmented" error, I just get request timeouts. When pinging from the vpn client machine, I *do* get "packet must be fragmented" responses back.

This is very puzzling. Why is the MTU set to 1300 and how do I change that? The main WAN interface (FastEthernet0) cannot be changed according to the console so I'm wondering where you find this setting on the router itself.

0 Helpful

davidcb
Level 1
Level 1
In response to davidcb

‎02-25-2007 09:31 PM

My buddy has decided to go with a different vendor. Consider the matter resolved.

0 Helpful
Customers Also Viewed These Support Documents