Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5520 and MPF

Hi all. In our company we have recently upgraded our firewall from PIX 515 to ASA 5520 and we have started experiencing an odd thing happening. On one of the sites we host I have observed a lot of MSS exceeded messages popping up and I believe they are the source of the problem when surfing the site(surfing mostly works fine but sometimes people can't content etc.).

I have found the Cisco workaround for this problem using MPF but one thing confuses me. If I apply an MPF for allowing larger MSS on the outside interface of the ASA does that policy conflict with the global policy that is on ASA by default or can they both exist at the same time?

Thanks in advance for any help.

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: ASA 5520 and MPF

You can have one policy per interface and another one - global that by default applies to default-inspection-traffic.

Check http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mpc.html for further details.

2 REPLIES
New Member

Re: ASA 5520 and MPF

You can have one policy per interface and another one - global that by default applies to default-inspection-traffic.

Check http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/mpc.html for further details.

New Member

Re: ASA 5520 and MPF

Thanks for your reply. It was exactly what I was looking for.

239
Views
0
Helpful
2
Replies
CreatePlease login to create content