cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
686
Views
0
Helpful
2
Replies

MTU Lan2Lan VPN

cmelbourne
Level 1
Level 1

Hi,

we run a software package over a lan2lan vpn. if we run this package over a cisco vpn lan2lan it does not work but if we break out locally over the internet instead of over the lan2lan it does work.

has anyone had issues with mtu sizes over a vpn tunnel (lan2lan not remote access).

2 Replies 2

singhsaju
Level 4
Level 4

Yes it is possible there is fragmentation issue over the tunnel if you can ping between the hosts over vpn tunnel without any problems.

You may have to adjust TCP MSS value on vpn end devices .

Try to adjust TCP MSS value on PIX if your vpn end device is PIX .

sysopt connection tcp-mss MSS_size_in_bytes

example : sysopt connection tcp-mss 1360

You can also find the exact size for your connection using extended ping utility from your workstation as explained in following link .

For PIX and router( as vpn end devices) use following link

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml#Issues

For ASA

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804c8b9f.shtml

HTH

Saju

Pls rate if it helps

hey.

we are using cisco 2800 at one head with ethernet broadband (mtu 1500) and the other end is a 1841 with adsl card (mtu is i think 1400 or 13xx not sure). anyway the mtu is not the same on both routers but have the correct mtu tcp adjuss mss in each.

would this make a big difference if the mtu is different on either end of the link?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: