I have a L2TP VPDN Connection between my ISP and a router at my site. User Dials the ISP and the ISP forwards their connection to my onsite router using L2TP VPN.
We used to run this through a Checkpoint Firewall and had no problems. After taking checkpoint out and installing PIX 515E (version7.0.4) we stared experiencing problems.
1. The L2TP VPDN tunnels establish and have connections, but the data transfer is almost non-existent on some connections, but on others it is fine.
Eventually we rolled back to the checkpoint firewall and found that it reported some fragmentation problems for the L2TP traffic to the onsite router. (Although this was being reported - we are not getting problems or slow connections when connecting through the checkpoint firewall).
How does PIX handle fragmented packets?
Can I check for these fragmented packets being dropped to determine if this is the case?
Might it be a PIX OS issue?
Will changing the MTU size on the PIX interfaces make any difference to getting these problems resolved?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...