Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA 5540 - Clientless VPN (SSL) function ignores MTU setting

It appears that the Clientless VPN (SSL) function completely ignores the mtu setting that is applied to the inside and outside interfaces.

mtu inside 1300

mtu outside 1300

I have verified that this is true with ver 7.2(4) and 8.0(3) using packet captures at the client side of the session.

I have confirmed that if the Clientless VPN (SSL) function would adhere to this setting, all of the problems that our users are experiencing when accessing OWA remotely would go away.

I've verified this by manually setting the MTU size on the workstation. When it is 1300, everthing works fine.

Can anyone explain why the Clientless VPN (SSL) function will not adhere to this setting?

1 REPLY
Silver

Re: ASA 5540 - Clientless VPN (SSL) function ignores MTU setting

To specify the maximum transmission unit for an interface, use the mtu command in global configuration mode. To reset the MTU block size to 1500 for Ethernet interfaces, use the no form of this command. This command supports IPv4 and IPv6 traffic.

syntax:

mtu interface_name bytes

The default MTU bytes is 1500 for Ethernet interfaces

for more information about mtu setting refer:

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1751599

513
Views
0
Helpful
1
Replies
CreatePlease to create content