We have a hub-and-spoke MPLS network connecting HO to remote sites.
In each site, one Cisco router (3800 in HO and 1800 in remote) connects the LAN to the MPLS network.
We activated IPsec between these routers.
It was working fine for some period, then one day, one Oracle application began to hang. All other applications are working fine. We can also ping this server from everywhere.
If we remove the crypto map, the Oracle application works correctly.
Using a sniffer, we can see that the connection is established correctly. Then, during data transfer, the client says it is waiting for sequence number 1234 (for example). On the server side, we can see that the server has sent this sequence, but the client did not receive it.
So why does the HO router fail to send these TCP sequences correctly?