Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco 2811 to Cisco 837 Site to Site VPN connection - possible MTU issue?

Unanswered Question
May 11th, 2006
User Badges:

We replaced a Cisco 837 at one site with a Cisco 2811 with ADSL card, in order to allow more VPN connections.

The Cisco 2811 router is configured in much the same way as the previous 837 router was and, after installation, things seemed fine - we established the VPN tunnel from the Cisco 2811 to another site which had a Cisco 837 router and we were able to pass traffic.

However, subsequently, it soon became clear that some user applications were affected by the router change. The connectivity was there but the users could not perform certain tasks they could previously (e.g. running certain apps, sometimes emails could be problematic, etc)

I THINK this may be an MTU issue. However, I can't understand a) why the change of router would affect this and b) what needs to be done to resolve the situation.

On both the old Cisco 837 and the new Cisco 2811, the line "ip tcp adjust-mss 1452" is included.

Does anyone have any suggestions on how to resolve this? Or if it is not an MTU issue, what else it could be?


(Note: the Cisco 2811 is running 12.4(1b) and the Cisco 837 was running 12.3(2)XC2)

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mitchen Fri, 05/12/2006 - 04:40
User Badges:

This issue is now resolved. It seems that the ICMP messages saying what segment size to use were being blocked so the server was continuing to send oversized segments, "breaking" the path MTU discovery.


This Discussion