02-12-2009 02:32 PM
I migrated remote users from MS PPTP to Cisco Client VPN 2 month ago. Eversince this was done, it has been nothing but long lockups, freeze, disconnects and crashing Citrix sessions. Prior to migration, all connections were coming through a PIX 520 to a MS VPN server on the inside. Now, it is an ASA 5520 as a VPN server.
I applied "crypto ipsec df-bit clear outside" but no luck. I also confirmed Client MTU settings are 1300. Internal users have no issues with access Citrix. It is only remote uers started exeperiencing the issue when migrated to Cisco VPN client.
Any ideas?
Thanks,
02-15-2009 12:37 PM
Are you policing or shaping any of the crypto traffic?
02-15-2009 05:31 PM
No, i am not.
I have 45Mbps of internet link burstable to 60M. My daily utilization is close to 30Mbps out and 35Mbps in.
I've applied the "crypto ipsec df-bit clear-df outside" and the default settinsg for "fragment outside/inside before encryption". I will be changing the "syspot connection tcpmss" from 1200 to default 1380, but not sure if the tcpmss is the root casue! However, i will try anything to end this nightmare!
Thanks,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide