ASA routing problem

jbillochon
Level 1

Hello,

I've got 2 ASA 5520 on my network.

The first ASA (Firewall 1) provides the site-to-site VPN between the datacenter and remote offices, and the second ASA (Firewall 2) does exactly the same thing for other remote offices.

As you can see in the attachments, "Firewall 1" is the default gateway for the datacenter LAN. Firewall 1 knows the routes to reach the remote offices managed by Firewall 2 (via site-to-site VPN).

When a user on the datacenter LAN tries to ping a server, or to access a server with a TCP application, at a remote office using Firewall 1, it succeeds.

But if a user tries to do the same thing at a remote office using Firewall 2, pings are OK but TCP applications are not.

Any ideas?

Thanks,

Julien

1 Reply

chris.russell
Level 1

Hi,

We've seen odd occurrences with TCP applications when running over VPNs and GRE tunnels.

The fix was to set the MTU on the servers to something fairly low (1400 ish) - you can establish this via ping.

I'd have a look along these lines - it may be something else but it's something to consider.

Cheers

Chris
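
Added example (not part of the thread): one way to establish the path MTU via ping, as the reply above suggests, by binary-searching the largest echo that gets through with the don't-fragment bit set. It assumes a Linux host with iputils ping (`-M do`); the function names are illustrative and the address in the comment is a placeholder.

```shell
#!/bin/sh
# Added example: find the largest packet that crosses a path unfragmented.
# Assumes Linux iputils ping, where "-M do" sets the DF bit.

IP_ICMP_OVERHEAD=28   # 20-byte IPv4 header + 8-byte ICMP header

# probe HOST PAYLOAD -> exit 0 if a DF-set echo of PAYLOAD bytes is answered.
# Redefine this function to exercise the search without a network.
probe() {
    ping -M do -c 1 -W 1 -s "$2" "$1" >/dev/null 2>&1
}

# find_path_mtu HOST [LOW_MTU] [HIGH_MTU]
# Prints the largest IP packet size (bytes) that gets through.
# Returns 1 if even LOW_MTU fails (host down, or ICMP filtered on the path).
find_path_mtu() {
    pm_host=$1
    pm_lo=${2:-576}
    pm_hi=${3:-1500}
    probe "$pm_host" $((pm_lo - IP_ICMP_OVERHEAD)) || return 1
    while [ "$pm_lo" -lt "$pm_hi" ]; do
        pm_mid=$(( (pm_lo + pm_hi + 1) / 2 ))   # round up so the loop terminates
        if probe "$pm_host" $((pm_mid - IP_ICMP_OVERHEAD)); then
            pm_lo=$pm_mid                        # fits: search higher
        else
            pm_hi=$((pm_mid - 1))                # dropped: search lower
        fi
    done
    echo "$pm_lo"
}

# tcp_mss MTU -> largest TCP payload per segment
# (20-byte IPv4 header + 20-byte TCP header, no options)
tcp_mss() {
    echo $(( $1 - 40 ))
}

# Runs only when a target is given, e.g. ./pmtu.sh 192.0.2.10 (placeholder address)
if [ -n "${1:-}" ]; then
    if mtu=$(find_path_mtu "$1"); then
        echo "largest unfragmented packet to $1: $mtu bytes (TCP MSS $(tcp_mss "$mtu"))"
    else
        echo "no reply from $1 even at 576 bytes; is ICMP filtered?" >&2
        exit 1
    fi
fi
```

On Windows servers the equivalent single probe is `ping -f -l <size> <host>`.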
