Cisco 3000 series concentrator - mtu size vs pmtud
We are attempting to troubleshoot a VPN tunnel problem - symptom being that the receiver is seeing out of order packets (not unusual, I think) and missing packets. The receiver suspects a black hole router somewhere between our Concentrator and his network. Cisco says it sounds like a packet size issue and recommends setting the fragmentation option to "Fragment prior to IPsec encapsulation with Path MTU Discovery (ICMP)".
I am a novice at this and am wondering if it's better to set the fragmentation option as recommended or lower the MTU setting on the concentrator. It seems from what I've read at various sites that the PMTUD option depends on routers between me and the receiver properly handling that request.
I will add that the missing packet issue is intermittent. The same bundle of data may fail due to a missing packet and then turn around and immediately work when the receiver re-requests the same data.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...