VPN 3005 - Multiple spokes that need to see each other

Unanswered Question

I have a VPN 3005 concentrator that has multiple lan-to-lan IPSec tunnels coming into it, some of which need to communicate with one another. I'm having an issue configuring this -- I've got a tunnel gateway configured, which would be the same as the internal lan default gateway. I've also got network lists configured to allow the traffic from one spoke to another but cannot get it to work. Any ideas? Thanks!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
gmarogi Wed, 04/11/2007 - 06:20
User Badges:
  • Bronze, 100 points or more

You can try changing the value for tcpmss to see if the problem is with the size of the packets. You can also try the option "Fragment prior to IPSec encapsulation without Path MTU Discovery(Clear DF bit)", it may resolve the problem.


This Discussion