Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Windows Server 2008 Compatibility with Cisco PIX

I have an interesting problem and I'm wondering if anybody else has encountered it. I have a customer where we've just installed a new Windows 2008 server. Everything works great until we try to communicate to XP clients on the other side of a L2L VPN running a pair of PIX 501 firewalls. ICMP works fine, but beyond that communications are very spotty, some http works, but no SMB. We have a case with Microsoft going and they're telling us that there is an incompatiblity between the TCP/IP stack on Windows 2008 and Cisco PIX. The PIX firewalls are running 6.3.5.

I'm skeptical of this because everything else works great. In fact the XP clients on the other side of the tunnel can actually communicate, via SMB, with the 2008 server. It's only when the 2008 attempts to communicate the other direction that we have problems.

Anybody heard of anything like this? Sound at all reasonable or possible?


Re: Windows Server 2008 Compatibility with Cisco PIX

Check the MTU/MSS on the windows server. Disable PMPTUD/BHMTUD

You could also drop the MSS in the PIX:-

sysopt connection tcpmss 1300


CreatePlease to create content