Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
583
Views
0
Helpful
4
Replies

Pix 515 problems downloading files

Go to solution
j-baptistamartins
Level 1
Level 1

‎09-03-2008 06:33 AM - edited ‎03-11-2019 06:39 AM

Hi all,

I have a problem I am configuring a Cisco pix 515e, I have two VPN tunnel site to site Working and the firewall up and running, but I have a problem with the firewall when I tried to download files from certain sites I can't, for example I can't download files from Mozilla http://www.mozilla.org/download.htm or www.microsoft.com among many others.

I can download files from torrents, and most ftp servers, as well update my computers from Microsoft widows update.

For example if I download internet explorer 8 from Microsoft site, the download starts but only download a few Kb, other times the download doesn't start.

I also have problems with you tube, the problem is the following, if I tried to see any video the clip is very slow to start, and in some cases I can't see the clips.

I attach the log file from Cisco pix to help troubleshoot the problem, as well a configuration file.

Labels:
Preview file
22 KB
Preview file
1 KB
Preview file
13 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
singhsaju
Level 4
Level 4
In response to j-baptistamartins

‎09-04-2008 12:57 PM

I am glad i could help you in resolving the issue .

Pls rate if it helps

HTH

Saju

View solution in original post

0 Helpful
4 Replies 4

Go to solution
jj27
Spotlight
Spotlight

‎09-03-2008 09:17 AM

I can't answer your question specifically, but if you look at your configuration you have internal network routes to 20.0.0.0/8, 30.0.0.0/8, and 40.0.0.0/8 which are public sector IP address ranges. If any outbound traffic is destined to a website that falls within that range, you will get weird results possibly like these.

route inside 20.0.0.0 255.0.0.0 10.0.0.54 1

route inside 30.0.0.0 255.0.0.0 10.0.0.54 1

route inside 40.0.0.0 255.0.0.0 10.0.0.54 1

0 Helpful

Go to solution
singhsaju
Level 4
Level 4

‎09-04-2008 06:08 AM

This could be a fragmentation issue.Try to adjust TCP MSS value on PIX.

sysopt connection tcp-mss MSS_size_in_bytes

example : sysopt connection tcp-mss 1360

HTH

Saju

0 Helpful

Go to solution
j-baptistamartins
Level 1
Level 1
In response to singhsaju

‎09-04-2008 12:29 PM

I use the following article to solve the problem

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804c8b9f.shtml

It was the TCP MSS.

Thank you for the help

0 Helpful

Go to solution
singhsaju
Level 4
Level 4
In response to j-baptistamartins

‎09-04-2008 12:57 PM

I am glad i could help you in resolving the issue .

Pls rate if it helps

HTH

Saju

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card