Cisco 3002 unit w/ PPPoE causing trouble with fragmentation
We recently changed the ISP at one of our remote sites that uses a Cisco 3002 hardware VPN client. The new ISP service is delivered via PPPoE. The actual turn-up and operation with the ISP worked great, however we have one nasty issue surface. It appears the overhead of the PPPoE layer is causing large packets to drop entirely. The end user symtom is a browser that times out or partially displays pages. This issue comes out routinely when accessing web sites with heavy content, such as hotmail.com, microsoft.com, msn.com, etc.
I have tried desperately to adjust the MTU settings on both the public and private interfaces, which did not change anything. I also tried adjusting the three fragmentation selections, but again no change.
Running the Cisco 3002 with PPPoE must be a very common practice, is there something I am missing here?
Re: Cisco 3002 unit w/ PPPoE causing trouble with fragmentation
You will have to use some utility like Dr.TCP to change the MTU size in windows registry itself because changing the MTU size in VPN client may not work always. Cisco has a document that describes this problem
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...