VPN blocked thru firewall EXCEED MSS error

jmayes
Level 1

I'm seeing exceed MSS errors for Cisco remote access and tunnel VPNs passing through or terminating at ASA 5510 (7.2.2).

I have found documentation to set to ignore MSS via a map class, but I'm confused: aren't Cisco VPNs compliant with Cisco ASA rules without jerry-rigging a solution? I'm getting errors on inbound site-to-site tunnel setups, and it's blocking an outbound Cisco client VPN to a remote destination.

1 Reply

cpembleton
Level 4

It may be the client or the return traffic from the destination.

The MSS value is negotiated between the hosts and the firewall. The host, or something the host is passing through to get to the firewall, may not be sticking to the negotiated value.

Could be software like Microsoft. Could also be a cable or NIC issue.

There are some Windows hacks to help with the problem. Thought I had them bookmarked. Search Google for them.

Hope this helps!

Chad
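
As an added example that is not part of either post above (and not Cisco's code), this Python sketch shows one way to find out which side of a connection is sending segments larger than the MSS its peer advertised, which is the condition the reply describes. The function names, the `(src, dst, raw_tcp)` input shape and the sample flow are assumptions made for the illustration; connections are keyed by host label only, and 536 is used as the IPv4 default when no MSS option was seen.

```python
import struct

SYN, ACK = 0x02, 0x10
DEFAULT_MSS = 536  # IPv4 default when the peer sent no MSS option

def parse_mss(tcp):
    """Return the MSS option (kind 2) from a raw TCP header, or None."""
    opts = tcp[20:(tcp[12] >> 4) * 4]          # bytes after the fixed header
    i = 0
    while i < len(opts) and opts[i] != 0:      # kind 0 ends the option list
        if opts[i] == 1:                       # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2:
            break                              # malformed option, stop
        kind, length = opts[i], opts[i + 1]
        if kind == 2 and length == 4 and i + 4 <= len(opts):
            return struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return None

def find_mss_violations(segments):
    """Return (index, src, dst, payload_len, limit) for oversized segments."""
    advertised = {}                            # (announcer, peer) -> MSS
    hits = []
    for idx, (src, dst, tcp) in enumerate(segments):
        header_len = (tcp[12] >> 4) * 4
        if tcp[13] & SYN:                      # SYN or SYN/ACK carries the MSS
            advertised[(src, dst)] = parse_mss(tcp) or DEFAULT_MSS
            continue
        # A sender is bound by what the *receiver* announced.
        limit = advertised.get((dst, src), DEFAULT_MSS)
        payload_len = len(tcp) - header_len
        if payload_len > limit:
            hits.append((idx, src, dst, payload_len, limit))
    return hits

def build_segment(flags, options=b"", payload=b""):
    """Build a constructed TCP segment; ports and sequence are sample values."""
    offset = (20 + len(options)) // 4
    return struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, offset << 4, flags,
                       65535, 0, 0) + options + payload

SAMPLE = [  # constructed flow: client advertises 1380, server advertises 1460
    ("client", "server", build_segment(SYN, struct.pack("!BBH", 2, 4, 1380))),
    ("server", "client", build_segment(SYN | ACK, struct.pack("!BBH", 2, 4, 1460))),
    ("client", "server", build_segment(ACK, payload=b"A" * 1400)),
    ("server", "client", build_segment(ACK, payload=b"B" * 1460)),
]
```

Running `find_mss_violations(SAMPLE)` flags only the last segment, where the server sends 1460 bytes to a client that advertised 1380.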