10-01-2009 07:54 AM - edited 03-04-2019 06:13 AM
I am using an 1811 router to connect my network to the Internet. Outgoing mail from our server was getting delayed. I setup packet sniffers on the inside and outside of the router and found that not all the packets were getting through. The server sent 4 SMTP Data packets right after each other and only 2 were sent from the router to the remote host (see attached jpg).
I don't know a lot about routers. What could be blocking/discarding the packets?Is there a way on the router to monitor the packets comming in and going out?
Thanks in advance,
Jason
10-01-2009 08:01 AM
Nice trace, but something is wrong with the server because hosts should never generate IP fragments. Please check host's interface MTU, etc.
10-01-2009 08:10 AM
Can we have a look at the routers config?
10-01-2009 10:26 AM
10-01-2009 10:32 AM
You can try removing the ip inspect commands, beside that there is nothing you can do about on the router, and you should fix the server instead.
10-01-2009 11:17 AM
The MTU setting on the server NIC is 1500. It is a gigabit ethernet connection into the same gigabit switch that the 1811 is connected to. What is a recommended MTU setting?
If I remove the ip inspect settings, won't that affect traffic getting back through the firewall?
10-01-2009 01:31 PM
But the server is sending IP packets longer than 1500, that's not normal.
You still have basic FW protection by virtue of NAT by removing inspect. I never seen inspect being necessary or blocking any threat.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: