Problem with my cisco 871-k9-advsecurity

Unanswered Question
Jun 29th, 2008

Hello everybody

i'm actually configure a router cisco 871.

My objectives:

- access to internet

- Create a VPN Site to Site

for the internet connection all is ok

no more problem.

But i have a serios problem with my VPN. I created a VPN-Site-to-Site between this router and Netasq F200. VPN is working but when i want to ping form computer behing my cisco, all is ok i can ping which is my netasq address, i can ping server (

but if i want to make a 2048 bytes ping on the netasq i can but if i make

ping -l 2048 (the server) i can't i don't have any answer. But i used ethereal on server i see icmp incoming form my computer on the netasq i see the answer which come to the cisco but i don't have any answer on my computer. On ethereal i see that there are fragments i tryed to modify MSS (cause i can't modify MTU) but there were no effect.

Please i need to make ping with 2048 bytes it's for GPO (Windows) I attach config file. I hope u'll help me.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mathduvar Sun, 06/29/2008 - 06:59

i already reduced mtu but no way

i cant make ping with 2048 byte on the distant router and it's working but not server behind this router

a little diagram :

IPSec tunnel


Server - - - - ROUTER - - - - - - ROUTER CISCO 871 NETASQ F200

and behind router i have another server :

if i ping (2048) from to it's ok

if i ping (2048) from to no answer

if i ping (normal) form to it's ok

if i ping (2048) from to no answer

it's same if i ping from to

i don't understand


This Discussion