Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

Mail Flow Issue over a IPSec Tunnel

We have a IPSec Tunnel built between 2 PiX Firewalls, (Pix 506E & Pix515E) we are trying to put e-mail traffic on this tunnel, it is between two microsoft exchange Servers. though the latency between the Firewalls is less then 250 mili seconds. mail delivery is getting very slow.

Is there any parameter or configuration that makes this faster.

Suggestions on this would be highly appreciated.

thank you.

New Member

Re: Mail Flow Issue over a IPSec Tunnel

Since you running an IPSec tunnel, you might have MTU-issues. Check for the current value of 'sysopt connection tcpmss xxx' with:

sh run sysopt

The default is:

sysopt connection tcpmss 1380

You might need to lower this even further to 1360.

A second thing you might want to check for is the fixup for smtp, you might want to disable this to allow ESMTP between the two servers.

CreatePlease to create content