Using ASDM to solve MSS issue

Unanswered Question
Jun 2nd, 2008

I have a problem with accessing a couple of websites on our network. I have identified it to be due to the fact the servers are sendning packets that exceed the MSS advertisied by client.

I recall that this is an issue which started in PIX version 7.

I also recall someone telling me that a "tick box" was added to ASDM to allow the firewall to pass packets that exceed the MSS - and that a "simple" command can be issued to allow this action to commence.

I cannot find the "tick" box in ASDM nor can find the refernce to the command.

Can someone point me in the right direction!

ASDM version 5.2 (2)

Pix version 7.2(2)

ASA 5510

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Firstly you have to know how much is the max data you can send thru your infra-structure, un-fragmented.

Try pinging the website you are trying to get to, first with a high packet size, reducing the packet size until you get a response.

ping x.x.x.x -l 1450 -f

ping x.x.x.x -l 1440 -f

ping x.x.x.x -l 1430 -f

and so on until you get a response. The number you find is what you should set the MSS to.

HTH.

Actions

This Discussion