Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Possible MTU issue

I have a LWAPP tunnel running through a PIX to PIX VPN tunnel. Max frame sizes trying to get accross the LWAPP tunnel get dropped. How I force the PIXs to fragment?


Re: Possible MTU issue

You cannot force the PIX to fragment packets, however you can increase the mtu size on PIX using command "sysopt connection tcpmss".

New Member

Re: Possible MTU issue

I have the same problem with LWAPP packets that are fragmented gets dropped as long as they are inside the IPSec tunnel. The LWAPP is a UDP protocol packet.

How do we use the "sysopt connection tcpmss" to get the PIX to forward these fragments?

The fragements are set with the DF bit. Fragment is 1476 byte and this is less than the standard MTU on PIX IPsec tunnel but larger than MTU minus IPSec Overhead. I've tried to increase the MTU in PIX VPN tunell but no good result.

CreatePlease to create content