Running SSHv2 through a hardware vpn tunnel setup on Cisco 3745 Routers (across the Internet to two different sites, 3745s on both ends).
One system works fine, other identical systems (and various different systems - all Win2k or Winxp) will "hang" on the SSH session when it goes to load a large block of text on the screen.
Running WireShark on the failing system's connections, the other boxes show TCP Checksum Incorrect on various packages and when they fail they show "tcp previous segment lost" and "a segment before this frame was lost".
Again, one system running WinXP sp2 (using a Broadcom Gigabit nic) works fine. Every other system on the network hangs at this spot.
The VPN tunnel has the whole subnet included in the VPN tunnel. We've triple checked that the ACLs are identical on both ends.
Basic connectivity is fine, it just fails when it loads the large block of text listing available commands.
A continuous 10kb ping has no packet loss, no timeouts for >100 pings, at 88msec.
TELNET is an available option, it also fails identically, but again, on that one "magic system" TELNET also works fine.
I have exhausted everything I know about SSH, networks, VPN and the like. Though, I will add that other sites on a Point to Point network, sharing the same domain work fine. It is our remote site through the VPN tunnel that fails.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...