Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
394
Views
0
Helpful
3
Replies

VPN outside problem

jason
Level 1
Level 1

‎04-25-2007 02:38 AM - edited ‎03-03-2019 04:42 PM

Hi, I am using a Cisco 837 router with a ADSL connection to the Internet. I need to use a VPN connection from my PC to a Windows 2003 VPN server over the Internet, i.e.

my PC using Windows XP connects a VPN connection via the default gateway (Cisco 837 router) -> Internet -> a site with a Nokia ADSL modem (gateway) -> the Windows 2003 VPN server (192.168.1.5)

The problem:

The VPN connection connects fine with no problems except for I cannot download anything more than 2kb (binary files, like a GIF picture) from the Windows server via the VPN connection. However, text files larger than 2kb or any size are fine. I also cannot use Remote Desktop connection to the Windows 2003 server either - it brings up a grey background window and does not go further than that. I notice the VPN connection's status Sent total is much greater than the Received bytes total.

I was using a normal Netgear ADSL router before and never have any problems. The above problem only occurs when I started using the Cisco 837 router. I think it's the MTU problem, but tried resetting and restarting with no luck.

Can any one help on this one?

Thanks,

Jason.

Labels:
0 Helpful
3 Replies 3

mohammedmahmoud
Level 11
Level 11

‎04-25-2007 02:58 AM

Hi there,

The ip tcp adjust-mss command helps prevent TCP sessions from being dropped by adjusting the MSS value of the TCP SYN packets. The ip tcp adjust-mss command is effective only for TCP connections passing through the router. In most cases, the optimum value for the max-segment-size argument is 1452 bytes.

Try this command under you Ethernet interface facing your LAN "ip tcp adjust-mss 1452"

HTH,

Mohammed Mahmoud.

0 Helpful

jason
Level 1
Level 1
In response to mohammedmahmoud

‎04-25-2007 04:51 PM

Hi Mohammed,

Thanks for the response. Yes your answer helped in resolving the problem, i.e. I had to

1. do a "ip tcp adjust-mss 1452" against the e0 interface (just like your answer)

2. change the MTU valud to 1300 in my Windows XP LAN

The combination of the above two resolves the VPN packet problem.

While we are on this subject, is there a IOS command I can use so my VPN connection stays active after the idle time, note I think my Windows VPN icon still says connected but all tcp connections are dead?

Thank you very much!

Jason.

0 Helpful

joshua.walton
Level 1
Level 1
In response to jason

‎05-12-2007 11:51 AM

DPD (Dead Peer Detection)

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card