Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA routing problem

Hello,

I've got 2 ASA 5520 on my network.

The first ASA (Firewall 1) realize site to site VPN between Datacenter et remote office, and the second ASA (firewall 2)do exactly the same thing, for other remote office.

As you can see on attachments, "Firewall 1" is the default gateway for datacenter LAN. Firewall 1 know routes to reach remote office managed by firewall 2 (via site to site VPN).

When a user from datacenter LAN try to ping a server or access on a server with TCP application, on a remote office using Firewall 1, it's a success.

But if a user try to do the same thing on a remote office using firewall 2, pings are OK but not TCP application.

Any idea ?

Thanks,

Julien

1 REPLY
New Member

Re: ASA routing problem

Hi,

We've seen odd occurances with TCP applications when running over VPN's and GRE Tunnels.

The fix was to set the MTU on the servers to something fairly low (1400 ish) - you can established this via ping.

I'd have a look along these lines - it may be something else but its something to consider.

Cheers

Chris

125
Views
0
Helpful
1
Replies
CreatePlease to create content