I am working with my first Cisco device, an 1811 Integrated Services Router running IOS 12.4 (as far as I recall) and configured through SDM. I've got the EasyVPN setup and connected. This is on a test network right now, all Ethernet, not going through any ISP. My machines can connect with the VPN, ping each other and TFTP traffic passes as a test of general data communication. All of that works. However, when I try windows filesharing stuff like the "net use" command or mapping a drive, I cannot get any data to flow.
I am new to IOS and am totally unfamiliar with where to look to troubleshoot this problem. I've tried adding different types of ACL's to the unit through SDM to try and work around this but they don't seem to change anything.
Cisco is statically set to 192.168.5.5 for its fe0 interface
LAN IP (VLAN1): 192.168.2.1
LAN DHCP Pool: 192.168.2.100-200
VPN Pool: 192.168.3.1-20
ACL is setup to allow traffic between them as far as I can tell.
LAN IP of test pc: 192.168.2.100
Remote computer is behind a firewall with an external IP of 192.168.5.102
LAN IP of this router: 192.168.12.1
LAN IP of pc: 192.168.12.53
VPN IP (when established): 192.168.3.1
Pings from a laptop on 192.168.2.100 can hit 192.168.3.1 (remote computer). The remote computer can TFTP a file over to a machine behind the VPN. No windows file traffic (SMB) travesl between them so far as I can see.
I've looked into this some more with packet captures and pings between the machines and now I see that it is an MTU issue between the two devices. I have not explicitly set any MTU settings on this device and the maximum packet size that will go through is 1300 bytes (1270 ping + 30 byte overhead for ICMP according to Ethereal).
When pinging from a machine inside the LAN, I do NOT receive a "packet must be fragmented" error, I just get request timeouts. When pinging from the vpn client machine, I *do* get "packet must be fragmented" responses back.
This is very puzzling. Why is the MTU set to 1300 and how do I change that? The main WAN interface (FastEthernet0) cannot be changed according to the console so I'm wondering where you find this setting on the router itself.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...