Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2944
Views
4
Helpful
4
Replies

RDP not works but telnet x.x.x.x 3389 works

arkothapally
Level 1
Level 1

‎09-16-2008 08:38 AM - edited ‎03-03-2019 11:34 PM

I am trying to connect from florida location to MO. trace route, ping and telnet 3389 works but RDP application not works.I did some work around and used the command ip tcp adjust-mss 1260 in my first tunnel and it fixed the issue. my question is how MTU is varying and will it have effect on Applications?

Thanks in advance

Labels:
0 Helpful
4 Replies 4

singhsaju
Level 4
Level 4

‎09-16-2008 09:28 AM

Hi,

Application data packets have their own header .IPsec adds its header to normal data packet and increases its size and if you are doing GRE over Ipsec then GRE header is also added.This increase the size of packet more than 1500 bytes . And since network devices have MTU set for 1500 bytes these devices will try to fragment the packet . And since the df bit on the packets is not set and the device cannot fragment it , it drops the packet.

You can find out the exact packet size that will traverse the tunnel without fragmentation by using ping "ping -l 1400 192.168.1.1 -f " . you can gradually decrease the length of packet and see when you start getting the response from destination host . Then once you know that length of packet , you can adjust TCP MSS value accordingly on the VPN head end device.

Check out the following link :

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml#Issues

HTH

Saju

Pls rate helpful posts

arkothapally
Level 1
Level 1
In response to singhsaju

‎09-16-2008 11:46 AM

Make sense.

Thanks for the reply

0 Helpful

singhsaju
Level 4
Level 4
In response to singhsaju

‎09-16-2008 12:38 PM

Correction

"And since the df bit on the packets is set and the device cannot fragment it , it drops the packet"

0 Helpful

arkothapally
Level 1
Level 1
In response to singhsaju

‎09-17-2008 05:52 AM

Saju,

Is there any other way we can solve this issue without using ip tcp adjust -mss.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card