Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN blocked thru firewall EXCEED MSS error

I'm seeing exceed MSS errors for Cisco remote access and tunnel VPNs passing through or terminating at ASA 5510 (7.2.2).

I have found documentation to set to ignore MSS via a map class, but I'm confused: aren't cisco VPNs compliant with Cisco ASA rules without jerry-rigging a solution? I.m getting errors on inbound site-to-site tunnel setups, and it's blocking an outbound Cisco client VPN to a remote destination.

1 REPLY
Silver

Re: VPN blocked thru firewall EXCEED MSS error

It may be the client or the return traffic from the destination.

The MSS value is negotiated between the hosts and the firewall. If the host or something the host is passing through to get to the firewall may be not sticking to the negotiated value.

Could be software like microsoft. Could also be a cable or nic issue.

There are some windows hack to help with the problem. Thought I had them book marked. Search google for them.

Hope this helps!

Chad

343
Views
0
Helpful
1
Replies