access-list 108 permit ip 192.168.2.0 0.0.0.255 192.168.8.0 0.0.0.255
(I added the permit tcp/udp statements on top of the regular permit ip in hopes that it helps)
Problem: I can ping between the 2 networks fine - 192.168.2.200 to 192.168.8.59 flies with this config. As soon as I initiate a Terminal session (RDP) from one network to another, it not only does not go through (can't connect to remote host), pings stop working as well!
The thing is, when I initiate RDP sessions from the 172 network behind the 3845 router, they work just fine.
Here's the output of something that doesn't look right to me:
#show crypto session
Crypto session current status
Session status: UP-ACTIVE
Peer: X.X.X.X port 500
IKE SA: local Y.Y.Y.Y/500 remote X.X.X.X/500 Active
Re: IPSec tunnels, ping works - applications don't
Have you tried "ip tcp adjust-mss"?
Use the ip tcp adjust-mss command so that the router will reduce the TCP MSS value in the TCP SYN packet. This will help the two end hosts (the TCP sender and receiver) to use packets small enough so that PMTUD is not needed.
Please refer to the URL below for additional information.
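
The arithmetic behind the suggestion above, as an added example that is not part of the original thread: it computes how large a packet becomes after ESP tunnel-mode encapsulation and the largest TCP MSS that still fits the path without fragmentation. The transform names, their per-transform byte counts and the 1500-byte path MTU are assumptions, since the thread does not show the transform set or the WAN MTU.

```python
# Added example (not from the thread): sizing the value for "ip tcp adjust-mss"
# on an ESP tunnel-mode path. Cipher parameters below are assumptions.

OUTER_IP = 20      # new IPv4 header added by tunnel mode
ESP_HDR = 8        # SPI + sequence number
ESP_TRAILER = 2    # pad-length + next-header bytes (inside the encrypted part)
NAT_T_UDP = 8      # UDP/4500 encapsulation, only when NAT-T is in use
TCP_IP_HDRS = 40   # inner IPv4 + TCP headers without options

# transform: (cipher block size, IV length, ICV length) in bytes
TRANSFORMS = {
    "esp-aes esp-sha-hmac": (16, 16, 12),
    "esp-3des esp-sha-hmac": (8, 8, 12),
}

def _fixed_overhead(transform, nat_t):
    _, iv, icv = TRANSFORMS[transform]
    return OUTER_IP + (NAT_T_UDP if nat_t else 0) + ESP_HDR + iv + icv

def esp_wire_size(inner_len, transform, nat_t=False):
    """Bytes on the wire for one inner IP packet after ESP encapsulation."""
    block = TRANSFORMS[transform][0]
    # inner packet + trailer is padded up to a multiple of the cipher block
    encrypted = -(-(inner_len + ESP_TRAILER) // block) * block
    return _fixed_overhead(transform, nat_t) + encrypted

def max_inner_packet(path_mtu, transform, nat_t=False):
    """Largest inner IP packet that fits in path_mtu without fragmentation."""
    block = TRANSFORMS[transform][0]
    room = path_mtu - _fixed_overhead(transform, nat_t)
    return room // block * block - ESP_TRAILER

def tcp_mss(path_mtu, transform, nat_t=False):
    """Upper bound for the MSS to configure on the LAN-facing interface."""
    return max_inner_packet(path_mtu, transform, nat_t) - TCP_IP_HDRS

if __name__ == "__main__":
    t = "esp-aes esp-sha-hmac"
    print("60-byte echo request on the wire:", esp_wire_size(60, t))
    print("1500-byte TCP packet on the wire:", esp_wire_size(1500, t))
    print("largest MSS that fits a 1500 MTU:", tcp_mss(1500, t))
```

The result is an upper bound for a clean 1500-byte path; any extra encapsulation on the WAN side lowers `path_mtu` and therefore the MSS to configure.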