08-23-2013 02:32 AM - edited 03-04-2019 08:51 PM
Hi All,
I'm running a cisco 887va and connecting to through PPPoE to an ISP. I can't seem to access https://skydrive.live.com/ or uk.msn.com though? All other sites i have tried including news.msn.com are working fine. I have messed around with the MTU value with no luck.
I am slightly confused though when editing the MTU there appears to be two settings IP MTU and just MTU under the Dialer0 interface? I have tried numerous combinations some have caused a load more websites to become unavailable but I cannot seem to get skydrive or MSN to work under any conditions. Both sites are up as I can access them easily through a differrent ADSL connection using a draytek router?
Dialer 0
MTU
IP MTU
any help is greatly appreciated.
thanks
Solved! Go to Solution.
08-23-2013 01:37 PM
Reload router, if still trouble post updated config.
08-23-2013 02:41 AM
update. It seems that most Microsoft related sites will not load, skydrive/msn homepage/ volume Licensing / microsoft.com? There are no configured firewall settings?
thanks
08-23-2013 06:40 AM
Post config.
08-23-2013 07:51 AM
Hi this is the current config.
Current configuration : 4969 bytes
!
! Last configuration change at 09:50:59 UTC Fri Aug 23 2013
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname BH-SiteLink
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret 5 ****************
enable password **************
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 10
!
crypto pki trustpoint TP-self-signed-*************
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-*********
revocation-check none
rsakeypair TP-self-signed-**********
!
!
crypto pki certificate chain TP-self-signed-******
certificate self-signed ******
quit
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
vpdn enable
!
vpdn-group pppoe
!
license udi pid CISCO887VA-K9 sn FCZ171294ED
!
!
!
!
!
!
!
controller VDSL 0
!
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key ************** address 0.0.0.0
!
!
crypto ipsec transform-set strong esp-3des esp-md5-hmac
mode tunnel
!
crypto ipsec profile SP
!
crypto ipsec profile **
set security-association lifetime seconds 900
set transform-set strong
!
!
!
!
!
!
!
interface Tunnel0
ip address 10.8.8.254 255.255.255.0
no ip redirects
ip mtu 1440
ip nhrp authentication SP1
ip nhrp map multicast dynamic
ip nhrp network-id 1
no ip split-horizon
tunnel source Dialer0
tunnel mode gre multipoint
tunnel key 0
tunnel protection ipsec profile SaferPlaces
!
interface Ethernet0
no ip address
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Ethernet0.101
encapsulation dot1Q 101
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
shutdown
no cdp enable
!
interface FastEthernet1
no ip address
shutdown
no cdp enable
!
interface FastEthernet2
no ip address
shutdown
no cdp enable
!
interface FastEthernet3
no ip address
no cdp enable
!
interface Vlan1
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Dialer0
mtu 1482
ip address negotiated
ip mtu 1440
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname ***********
ppp chap password 0 *********
ppp pap sent-username ********** password 0 **************
ppp ipcp dns request
ppp ipcp route default
!
router rip
version 2
network 10.0.0.0
network 192.168.0.0
no auto-summary
!
ip forward-protocol nd
ip http server
ip http secure-server
!
ip nat inside source list 2 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 remark CCP_ACL Category=16
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 5 permit 192.168.0.0 0.0.255.255
access-list 5 permit 10.0.0.0 0.255.255.255
!
snmp-server community public RO
!
!
line con 0
exec-timeout 0 0
no modem enable
line aux 0
line vty 0 4
password *************
login
transport input all
!
!
end
08-23-2013 09:05 AM
configure
interface Ethernet0
no ip address
no ip nat inside
no ip virtual-reassembly in
no ip tcp adjust-mss 1452
interface Dialer0
mtu 1492
no ip mtu 1440
ip ip virtual-reassembly
ip tcp adjust-mss 1452
no ip route 0.0.0.0 0.0.0.0 Dialer0
08-23-2013 10:49 AM
Hey Paolo, thanks for getting back to me.
I've updated the config as suggested unfortunately the sites still won't load. Any other suggestions?
regards,
Darren
08-23-2013 01:37 PM
Reload router, if still trouble post updated config.
08-23-2013 09:55 PM
Hi Darren,
Just remove the interface mtu 1482 and configure as follows.
Don't use mtu on dialer as of now.
Wan : Tunnel = ip mtu 1400
LAN : ip tcp adjust-mss 1300
Let me know this works. We can then hunt down the most closest IP MTU by discovering it later.
- Hiraman
Sent from Cisco Technical Support iPad App
08-24-2013 04:59 AM
Hey all,
updating the config as paolo suggested worked after reloading the router.
thanks for the help really appreciate it..
08-25-2013 12:43 AM
Congratulations Darren
-Hiraman
Sent from Cisco Technical Support iPad App
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: