08-23-2013 02:32 AM - edited 03-04-2019 08:51 PM
Hi All,
I'm running a cisco 887va and connecting to through PPPoE to an ISP. I can't seem to access https://skydrive.live.com/ or uk.msn.com though? All other sites i have tried including news.msn.com are working fine. I have messed around with the MTU value with no luck.
I am slightly confused though when editing the MTU there appears to be two settings IP MTU and just MTU under the Dialer0 interface? I have tried numerous combinations some have caused a load more websites to become unavailable but I cannot seem to get skydrive or MSN to work under any conditions. Both sites are up as I can access them easily through a differrent ADSL connection using a draytek router?
Dialer 0
MTU
IP MTU
any help is greatly appreciated.
thanks
Solved! Go to Solution.
08-23-2013 01:37 PM
Reload router, if still trouble post updated config.
08-23-2013 02:41 AM
update. It seems that most Microsoft related sites will not load, skydrive/msn homepage/ volume Licensing / microsoft.com? There are no configured firewall settings?
thanks
08-23-2013 06:40 AM
Post config.
08-23-2013 07:51 AM
Hi this is the current config.
Current configuration : 4969 bytes
!
! Last configuration change at 09:50:59 UTC Fri Aug 23 2013
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname BH-SiteLink
!
boot-start-marker
boot-end-marker
!
!
no logging console
enable secret 5 ****************
enable password **************
!
no aaa new-model
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 10
!
crypto pki trustpoint TP-self-signed-*************
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-*********
revocation-check none
rsakeypair TP-self-signed-**********
!
!
crypto pki certificate chain TP-self-signed-******
certificate self-signed ******
quit
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
vpdn enable
!
vpdn-group pppoe
!
license udi pid CISCO887VA-K9 sn FCZ171294ED
!
!
!
!
!
!
!
controller VDSL 0
!
csdb tcp synwait-time 30
csdb tcp idle-time 3600
csdb tcp finwait-time 5
csdb tcp reassembly max-memory 1024
csdb tcp reassembly max-queue-length 16
csdb udp idle-time 30
csdb icmp idle-time 10
csdb session max-session 65535
!
!
crypto isakmp policy 10
hash md5
authentication pre-share
crypto isakmp key ************** address 0.0.0.0
!
!
crypto ipsec transform-set strong esp-3des esp-md5-hmac
mode tunnel
!
crypto ipsec profile SP
!
crypto ipsec profile **
set security-association lifetime seconds 900
set transform-set strong
!
!
!
!
!
!
!
interface Tunnel0
ip address 10.8.8.254 255.255.255.0
no ip redirects
ip mtu 1440
ip nhrp authentication SP1
ip nhrp map multicast dynamic
ip nhrp network-id 1
no ip split-horizon
tunnel source Dialer0
tunnel mode gre multipoint
tunnel key 0
tunnel protection ipsec profile SaferPlaces
!
interface Ethernet0
no ip address
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
!
interface Ethernet0.101
encapsulation dot1Q 101
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface FastEthernet0
no ip address
shutdown
no cdp enable
!
interface FastEthernet1
no ip address
shutdown
no cdp enable
!
interface FastEthernet2
no ip address
shutdown
no cdp enable
!
interface FastEthernet3
no ip address
no cdp enable
!
interface Vlan1
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface Dialer0
mtu 1482
ip address negotiated
ip mtu 1440
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp chap hostname ***********
ppp chap password 0 *********
ppp pap sent-username ********** password 0 **************
ppp ipcp dns request
ppp ipcp route default
!
router rip
version 2
network 10.0.0.0
network 192.168.0.0
no auto-summary
!
ip forward-protocol nd
ip http server
ip http secure-server
!
ip nat inside source list 2 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
access-list 1 remark CCP_ACL Category=16
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 2 remark CCP_ACL Category=2
access-list 2 permit 192.168.0.0 0.0.0.255
access-list 5 permit 192.168.0.0 0.0.255.255
access-list 5 permit 10.0.0.0 0.255.255.255
!
snmp-server community public RO
!
!
line con 0
exec-timeout 0 0
no modem enable
line aux 0
line vty 0 4
password *************
login
transport input all
!
!
end
08-23-2013 09:05 AM
configure
interface Ethernet0
no ip address
no ip nat inside
no ip virtual-reassembly in
no ip tcp adjust-mss 1452
interface Dialer0
mtu 1492
no ip mtu 1440
ip ip virtual-reassembly
ip tcp adjust-mss 1452
no ip route 0.0.0.0 0.0.0.0 Dialer0
08-23-2013 10:49 AM
Hey Paolo, thanks for getting back to me.
I've updated the config as suggested unfortunately the sites still won't load. Any other suggestions?
regards,
Darren
08-23-2013 01:37 PM
Reload router, if still trouble post updated config.
08-23-2013 09:55 PM
Hi Darren,
Just remove the interface mtu 1482 and configure as follows.
Don't use mtu on dialer as of now.
Wan : Tunnel = ip mtu 1400
LAN : ip tcp adjust-mss 1300
Let me know this works. We can then hunt down the most closest IP MTU by discovering it later.
- Hiraman
Sent from Cisco Technical Support iPad App
08-24-2013 04:59 AM
Hey all,
updating the config as paolo suggested worked after reloading the router.
thanks for the help really appreciate it..
08-25-2013 12:43 AM
Congratulations Darren
-Hiraman
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide