I have an odd one

Unanswered Question
Sep 11th, 2008

We have a L2L vpn tunnel between our office and datacenter. One of our servers (at the DC) is an AIX box running a unix telnet app. During the day print ques on the AIX will just stop working. The printers are local to this office and the printers do work from windows. IBM says its a network problem but I dont see where. I have opened 8 TAC cases nobody can find the bug.

Any thoughts?

Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
singhsaju Thu, 09/11/2008 - 09:13

Hi Mike,

Is this pure IPsec tunnel or GRE over IPsec tunnel?

Can you ping those printers from AIX server when problem of print queues happens? If you are able to ping those printers then it could be a fragmentation issue due to IPsec tunnel.

What are the VPN end devices ? PIX or routers ?

Try to adjust TCP MSS vlue to 1300 and then check if the problem still happens .

Try to adjust TCP MSS value on PIX if your vpn end device is PIX .

sysopt connection tcp-mss MSS_size_in_bytes

example : sysopt connection tcp-mss 1300

You can also find the exact size for your connection using extended ping utility from your workstation as explained in following link .

For PIX and router( as vpn end devices) use following link

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml#Issues

HTH

Saju

Pls rate if it helps

Actions

This Discussion