Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
281
Views
0
Helpful
1
Replies

Fragmentation

bob.bartlett
Level 1
Level 1

‎09-12-2008 10:19 AM - edited ‎03-11-2019 06:43 AM

I have 2 networks connected through a VPN from a PIX 525 to a PIX 525 and traffic that is over 1200 MTU is not traversing the tunnel. I have tried to set the PIX interfaces to 1200 MTU and permitting pre-encryption fragmentation but to no avail any thoughts???

Labels:
0 Helpful
1 Reply 1

suschoud
Cisco Employee
Cisco Employee

‎09-12-2008 11:46 AM

Is it the mtu or the mss ?

Please try this on both pix ( if they are running 7.x or 8.x code ) :

access-list http-list2 permit ip any any

class-map http-map1

match access-list http-list2

exit

tcp-map mss-map

exceed-mss allow

exit

policy-map global_policy

class http-map1

set connection advanced-options mss-map

exit

exit

Please rate if helps.

Regards,

Sushil

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card