- Bronze, 100 points or more
I was playing around with SDM on my router and tested my VPN tunnel. I got the following error:
A ping with data size of this VPN interface MTU size and 'Do not Fragment' bit set to the other end VPN device is failing. This may happen if there is a lesser MTU network which drops the 'Do not fragment' packets.
1)Contact your ISP/Administrator to resolve this issue.
2)Issue the command 'crypto ipsec df-bit clear' under the VPN interface to avoid packets drop due to fragmentation.
The VPN works fine though. I found this on Cisco: http://www.cisco.com/en/US/tech/tk801/tk703/technologies_tech_note09186a0080094c4f.shtml I tried applying it to my ethernet interface that is connected to my cable modem, but I still got the error when testing. Do I need to reboot or do I need to apply to that command to another interface? I tried setting it to 1420 and 1200. Still got the error when testing. Thanks!