Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2146
Views
5
Helpful
2
Replies

ASA 5510 questions

ericluoma
Level 1
Level 1

‎06-07-2007 05:13 AM - edited ‎03-11-2019 03:26 AM

When I go into the ASDM on my 5510 and uncheck the "Force maximum segment size for TCP proxy connections to be 1380" will that let the firewall accept packets larger than 1380? I am trying to limit fragmenting of some packets that are close to this size. Is there any performace hit or problem with using the sequence randomizer on the firewall? It says it opens a possible security hole if you don't use it. I was wondering if it is ok to turn this off?

I just a FYI...there is no VPN on this firewall or encryption.

Labels:
0 Helpful
2 Replies 2

srue
Level 7
Level 7

‎06-07-2007 06:54 AM

here's a primer on fragmentation..with examples (CLI) from the ASA. It covers both MTU and TCP MSS.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml

ericluoma
Level 1
Level 1
In response to srue

‎06-07-2007 09:46 AM

Thanks. That is a great link.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card