Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5510 questions

When I go into the ASDM on my 5510 and uncheck the "Force maximum segment size for TCP proxy connections to be 1380" will that let the firewall accept packets larger than 1380? I am trying to limit fragmenting of some packets that are close to this size. Is there any performace hit or problem with using the sequence randomizer on the firewall? It says it opens a possible security hole if you don't use it. I was wondering if it is ok to turn this off?

I just a FYI...there is no VPN on this firewall or encryption.

2 REPLIES
Gold

Re: ASA 5510 questions

here's a primer on fragmentation..with examples (CLI) from the ASA. It covers both MTU and TCP MSS.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml

New Member

Re: ASA 5510 questions

Thanks. That is a great link.

1010
Views
5
Helpful
2
Replies
CreatePlease login to create content