I do not see anything in the information that you have given us that would indicate that you need to adjust MSS. On the other hand you have not told us much about your situation. What kind of outbound connection is the router using? Are you configuring any kind of tunneling (GRE or IPSec or anything like that)?
My first guess would be that there is some isse about the configuration of NAT. Could you post the router config so that we can see what is going on?
And it would be easy to configure the TCP adjust MSS and see if it helps. It would not hurt anything and it is possible that it would help.
I don't have tunneling configured. I have a frame relay link between an external router (in network 192.168.10.X) and the Cisco 1720, these one is connecting to network 10.1.1.0 through a firewall with an ip 192.168.4.5.
The FTP server is in network 10.1.1.X ((the FTP server is 10.1.1.138)
The configuration is as follows:
Current configuration : 1617 bytes
service timestamps debug uptime
service timestamps log uptime
memory-size iomem 25
ip audit notify log
ip audit po max-events 100
ip address 192.168.4.6 255.255.255.252
ip nat inside
no ip address
frame-relay lmi-type ansi
interface Serial0.1 point-to-point
ip address 192.168.35.26 255.255.255.252
ip nat outside
frame-relay interface-dlci 496
ip nat inside source static 10.1.1.138 192.168.116.179
Thanks for posting the router config. There are a couple of things about it that I would like to ask about:
- perhaps you could explain the topology. your comments indicate that the connection through FastEthernet0 is through a firewall. And apparently the inside network is through the firewall? and the Frame Relay interface leads to the outside? So who is attempting to access the FTP server? what interface does that traffic arrive on?
- I am surprised that there is no dynamic routing protocol and only 2 static routes. There is a route to 10.0.0.0 through the inside and a route to 192.168.10.0 through the outside. And there are no other routes.
- which leads to one of the problems. You are translating the address of the FTP server into 192.168.116.179 but there is no routing information about how to get to 192.168.116. So this would be the first problem about why you can not access the FTP server.
Hi Rick, sorry for my simple description. I'm attaching a diagram i hope it helps you to understand the topology. It's a very simple topology. There is not a routing protocol because it's basically a point-to-point connection.
Router B, in the diagram is the firewall i described before, but this firewall, in this case, is just routing network 10.1.1.x and network 192.168.4.x
A host in network 192.168.10.x is able to do a ping to NATed server 192.168.116.179 (which real address is 10.1.1.138), but, when it try to open a FTP connection just appear the "welcome screen" but it doesn't permit to enter the user and password.
some people told me that it's because i have to configure the tcp adjust mss, but i think it's a problem with the FTP server.
so, do you think i have to configure de tcp adjust mss?
Thank you for posting back indicating that you have resolved the problem and what the problem was. It makes the forum more useful when people can read about a problem and can read what the problem was.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...