Thanks

Let u know once i do the changes.

Hi Jullio,

Just to add my findings.

I have 10 Mbps linlks which is directly connected to PC.Doesnot involve any firewall stuff.

But still w e are facing same problem on that too.

On My network some times it works absoulety fine with default MTU  seetings on firewall. Really confused.

Is it any thing related to que Size seetings on firewall.

Hello Prashant,

U lost me man!

I mean,

Know you have a PC directly connected to which other device???

and what you need to check is the MTU of the devices in the path not the access-rate they have.

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Hi,

This connection goes directly from PC to MUX .

MUX to ISP side.

So need to check the seeting on MUX and as well as ISP side.

Another thing i want to know there are 10 site to site VPN om my side.

Chaning the MTU seetings can affect the other VPN trafic?

Hello,

We do not need to make any changes yet.

First lets make sure that all of the sites have 1500 as the MTU size on their interfaces.

If this is the case then run wireshark on your PC cause it might be a mal funcionating network card...

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Thanks,

As of now all my inerface have 1500 MTU .

You mean to say even malfunction network card may also cause this issue.

If only happens with ur PC yes....

So u already check the MTU settings for the PC to the MUX to the ISP side ?

You will need to check the Junos Side network in order to make sure  their side is properly configured.

Note: Without the ASA the issues still hapen right?

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Ya without ASA still happens.

so we need to confirm the MTU settings on juno side network.

But strange thing some time even the performance is good on my side with firewall in path.

Even isp has cleared that there is no latency on there side.

Hello Prashant,

Yeah, does not makes much sense but remember that we are dealing with what it seems to be "Fragmentation issues".

Let me know what u find from the other side. OK?

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Thanks for your valuable suggestions  and time.

Will trouble you once   i receive the update from other side.

Sure buddy,

My pleasure to help

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Hi Julio,

Far end guys are very reluctant to provide teh info regarding MTU value.

Yesterday I did run the ping command when user remoet machine was completely freezed for 15 min

ping -l 1500 19x.x.x.x -f

I got the message packets needs to be fragemented.but DF set

when i changed the value to 1460 i got the ping response.

currently my mss value is set 1480.

shall i change it to 1460 and check it

Hello,

TCP header plus IP header are 40 bytes sooooooo you need to set it to the default of 1460.

Then let me know

Rate all of the helpful posts!!!

Regards,

Jcarvaja

Follow me on http://laguiadelnetworking.com

Value set on firewall is

sysopt connection tcpmss 1480

I do have packet shaper device which is placed above firewall mss value is set to 1380.