Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Fragmentation

I have 2 networks connected through a VPN from a PIX 525 to a PIX 525 and traffic that is over 1200 MTU is not traversing the tunnel. I have tried to set the PIX interfaces to 1200 MTU and permitting pre-encryption fragmentation but to no avail any thoughts???

1 REPLY
Cisco Employee

Re: Fragmentation

Is it the mtu or the mss ?

Please try this on both pix ( if they are running 7.x or 8.x code ) :

access-list http-list2 permit ip any any

class-map http-map1

match access-list http-list2

exit

tcp-map mss-map

exceed-mss allow

exit

policy-map global_policy

class http-map1

set connection advanced-options mss-map

exit

exit

Please rate if helps.

Regards,

Sushil

126
Views
0
Helpful
1
Replies