Change MTU on one ipsec tunnel PIX-TO-PIX

Unanswered Question
Sep 19th, 2005
User Badges:


i have one pix acting as hub and three pix as spoke. On one link i have pppoe on the outside interface. The ipsec tunnel get an MTU of 1492 while the other end at the spoke have an MTU of 1500 for this tunnel. Anyone who knows if there's a way to change the MTU only on this particular tunnel on the hub pix to 1492 without changing the interface MTU.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
subaa Wed, 09/21/2005 - 05:23
User Badges:

I think it's not possible. If you have mtu/fragment problems on the spoke with DSL, i suggest you to configure

sysopt connection tcpmss 1300

on the spoke. That will likely solve your problems, since udp packets are rearly larger than that size.



This Discussion