VPN tunnel cannot route one destination/ports more then a minute

Unanswered Question
Mar 14th, 2007

Dear All,

I had recently established VPN tunnel from Cisco 2800 series router to VPN concentarator , this is simple a LAN to LAN VPN tunnel and i can access servers through the VPN tunnel.so far so good but i am facing issue with one destination/servers which is hosted on https.I can access this destination through VPN tunnel but with in minute i loose it(but other servers works

it means the VPN tunnel is not down) and if i reaaplied VPN tunnel ( remove crypto map and apply again) , the server access starts working but only less then 1 minute.. it's difficult to hone down it server issue ..as when the server access stops working if i tried to do telnet on the server(port 443) it failed but if i reapply the VPN tunnel and telnet on Port 443 start working but less then 1 minute.

however more confusing is that telnet always work on this server for port 80.so it means it's not routing issue.

but on port 443 it works for less then i minute and after resetting the tunnel it starts working but for 1 minute only ...

any pointes to resolve this issue will be very helpful.

IOS Image : c2800nm-advipservicesk9-mz.124-3a.bin

thanks,KNK

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
kaachary Thu, 03/15/2007 - 06:58

Sounds like a packet size issue. Lower down the TCP MSS on the Lan interface of the router:

int fasteth0

ip tcp adjust-mss 1452

exit

Lower down the value by 50 bytes each time, till you see any improvement.

*Please rate if helped.

-Kanishka

ciscotech4u Fri, 03/16/2007 - 01:04

dear Kanishka,

i have reaaplied the ACl's and it start working fine , but i got another long pending issue resolved by your suggestion.

thanks,KNK

Actions

This Discussion