Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

IPSec and fragments - windows 2000 DC

Hi all

I have a problem with an IPSec tunnel between 2 IOS 12.2 routers with ADSL connections to the internet. I have an win2k srv at each site - one member and one DC. Now I try to promote the second to an DC also - but this fails because the UDP datagrams for the kerberos comms are fragmented - which cannot be assembled again then. I have ran out on god ideas - any suggestions for how such an tunnel should be configured ?? I have set the MTU on both servers to 1300 - just to be sure and in the tunnel I have an MTU set to 1400 so there should'nt be any problems at all with packet size's

Kind regards

Thomas Iwang

2 REPLIES
New Member

Re: IPSec and fragments - windows 2000 DC

Silver

Re: IPSec and fragments - windows 2000 DC

1. http://support.microsoft.com/?kbid=244474

Try that out - force kerberos to use TCP.

2. ADP, huh? Please increase my paycheck. Thanks ;-)

Matt

87
Views
0
Helpful
2
Replies
CreatePlease to create content