FTP over IPsec

Unanswered Question
Mar 1st, 2008

Dear All,

I am facing a slow response issue when using FTP over IPSec tunnel between Branch office Router and CO router

If I do FTP without IPsec then it works fine.

Please suggest.

Thanks,

Shailendra

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Joseph W. Doherty Sun, 03/02/2008 - 10:24

Possibly due to reduction of MTU when FTP is encapsulated within IPSec. If able, and if not already doing so, might try "ip tcp adjust-mss" with appropriate value to avoid fragmentation.

Marvin Rhoads Mon, 07/15/2013 - 21:06

There are a couple of good articles on the details of why this is often advisable on VPN-based links.

Cisco article

Packetlife article

Both are pretty old but the underlying technology is even older.

The basic setting is an interface configuration mode setting as follows:

int  
ip tcp adjust-mss 1460

Actions

This Discussion