I have set up vpn remote tunnel from xp sp2 with easyvpn client to an asa 5510 head. The connection works from cable remotes, but not over a gprs connection.
Since ping works, I assumed it might be MTU related so I kept decreasing the mtu on both the gprs network interface and on that of the easyvpn. However, nothing happened (I got as low as MTU 500).
Our service provider uses private addresses so nat-t is set. the client connects, asks for the username with xauth, the connection seems to establish, but the tcp connections usually stop at SYN/ACK or ACK.
On the out1 IF of the head pre-fragmentation is enabled and DF bit is set to clear. I was thinking about decreasing the mtu on the out1 interface, but since the device is localted at a data center and is serving traffic on the same outside inferface, I was afraid that lowering the mtu on the out1 would result in slower transfers / higher cpu utilization of the fw.
Since it seems, that no one has any ideas, I am going to try to reduce the mtu on the outside interface. I have read somewhere the mtu site does not affect the packet passing through. so does anyone know if the reduction of the mtu on the outside if will reduce performance from and to the webserver on an other interface?
You are totally right. We have several providers here in the Netherlands and I was trying this with exactly the one which doesn'r work (Vodafone). With exactly the same windows mobile with exactly the same config but on a different provider I had no problems. Thanks :)
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...