I have a PXI 515 connecting to a remote site ASA5510 using IPSec tunnel The remote site has numerous other devices we can telnet to without issue. There is one device at the remote site ha made by AVocent it is a IPKVM. We can telnet and login to the device but when the person tries to load say the help screen or another screen after the login the session just hangs. If we telnet to another device in the remote site we can telnet to the IPKVM without issue from the other device.
Found this error on the corp side firewall PIX515
Dec 11 2006 14:28:54: %PIX-4-209005: Discard IP fragment set with more than 1 elements: src = 192.168.xx.xx, dest = 192.168.xx.xx, proto = tcp, id = 14003
One our corp side PIX515 so the traffic makes it to the corp firewall and it gets dropped due to the fragment set?
Current setting on the PIX 515 is ?fragment chain 1 outside?
So what is the risk of increasing this setting on the corp PIX 515.
Low, Medium, High and suggestions.