03-26-2008 03:54 PM - edited 02-21-2020 03:38 PM
We have a site to site vpn with a business partner. The VPN tunnel is up and we can ping both ways. Also we can telnet to the remote side for testing purposes. The issue is that our server can't send data to the remote server. We are sending ACSII and MLLP (Minimal Lower Level Protocol formatting) type HL7 data. Any help would be greatly appreciated.
04-01-2008 01:54 PM
The problem seems to be in MTU size of the delivery path. Following links may help you
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml
04-01-2008 02:40 PM
Brandon
It may be an issue with MTU as suggested by Didya. And you would do well to explore ways to work around that. But there is another possibility to consider. I just recently had an experience at a customer site where they were having problems with data not passing through a VPN connection. We figured out that the access list on one side was not a matching version of the access list on the other side (looked like they would have same effect but did not match). When we re-wrote the access list to be an exact match then data started to flow through the VPN. I would suggest that you do a review of the access lists for VPN on both sides and verify that they are an exact match for each other.
HTH
Rick
04-01-2008 06:23 PM
"I would suggest that you do a review of the access lists for VPN on both sides and verify that they are an exact match for each other."
Yup, they're called mirrored access lists.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide