problem wih IPSEC site to site

emadehsan · ‎02-18-2008

hello there

i have a site to site ipsec vpn over internet for site A and site B . there is problem with SQL , Remote Desktop ...

the connection establish just for a second and after that i receive connection was broken !!!! on both remote desktop and SQL but i have stable ping all the time !

cisco24x7 · ‎02-18-2008

This will fix your problem:

C2621#conf t

Enter configuration commands, one per line. End with CNTL/Z.

C2621(config)#int f0/0

C2621(config-if)#ip tcp adjust-mss 1300

C2621(config-if)#end

C2621#

CCIE Security

vironet · ‎02-25-2008

If i have subinterfaces

interface FastEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

no ip address

speed auto

full-duplex

!

interface FastEthernet0/0.160

encapsulation dot1Q 160

ip address 192.168.160.1 255.255.255.0

ip policy route-map FTPPTP

no snmp trap link-status

!

interface FastEthernet0/0.203

encapsulation dot1Q 203

ip address 192.168.203.254 255.255.255.0

ip policy route-map abaneo

no snmp trap link-status

!

interface FastEthernet0/0.204

encapsulation dot1Q 204

ip address 192.168.204.254 255.255.255.0

ip access-group popusa in

no snmp trap link-status

!

interface FastEthernet0/1

ip address 200.76.152.252 255.255.255.0

ip nat outside

ip virtual-reassembly max-reassemblies 200

duplex auto

speed auto

crypto map client

Where do i have to configure de ip tcp adjust-mss 1300,