03-14-2007 10:29 PM
Dear All,
I had recently established VPN tunnel from Cisco 2800 series router to VPN concentarator , this is simple a LAN to LAN VPN tunnel and i can access servers through the VPN tunnel.so far so good but i am facing issue with one destination/servers which is hosted on https.I can access this destination through VPN tunnel but with in minute i loose it(but other servers works
it means the VPN tunnel is not down) and if i reaaplied VPN tunnel ( remove crypto map and apply again) , the server access starts working but only less then 1 minute.. it's difficult to hone down it server issue ..as when the server access stops working if i tried to do telnet on the server(port 443) it failed but if i reapply the VPN tunnel and telnet on Port 443 start working but less then 1 minute.
however more confusing is that telnet always work on this server for port 80.so it means it's not routing issue.
but on port 443 it works for less then i minute and after resetting the tunnel it starts working but for 1 minute only ...
any pointes to resolve this issue will be very helpful.
IOS Image : c2800nm-advipservicesk9-mz.124-3a.bin
thanks,KNK
03-15-2007 06:58 AM
Sounds like a packet size issue. Lower down the TCP MSS on the Lan interface of the router:
int fasteth0
ip tcp adjust-mss 1452
exit
Lower down the value by 50 bytes each time, till you see any improvement.
*Please rate if helped.
-Kanishka
03-16-2007 01:04 AM
dear Kanishka,
i have reaaplied the ACl's and it start working fine , but i got another long pending issue resolved by your suggestion.
thanks,KNK
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: