Hi, I am using a Cisco 837 router with a ADSL connection to the Internet. I need to use a VPN connection from my PC to a Windows 2003 VPN server over the Internet, i.e.
my PC using Windows XP connects a VPN connection via the default gateway (Cisco 837 router) -> Internet -> a site with a Nokia ADSL modem (gateway) -> the Windows 2003 VPN server (192.168.1.5)
The VPN connection connects fine with no problems except for I cannot download anything more than 2kb (binary files, like a GIF picture) from the Windows server via the VPN connection. However, text files larger than 2kb or any size are fine. I also cannot use Remote Desktop connection to the Windows 2003 server either - it brings up a grey background window and does not go further than that. I notice the VPN connection's status Sent total is much greater than the Received bytes total.
I was using a normal Netgear ADSL router before and never have any problems. The above problem only occurs when I started using the Cisco 837 router. I think it's the MTU problem, but tried resetting and restarting with no luck.
The ip tcp adjust-mss command helps prevent TCP sessions from being dropped by adjusting the MSS value of the TCP SYN packets. The ip tcp adjust-mss command is effective only for TCP connections passing through the router. In most cases, the optimum value for the max-segment-size argument is 1452 bytes.
Try this command under you Ethernet interface facing your LAN "ip tcp adjust-mss 1452"
Thanks for the response. Yes your answer helped in resolving the problem, i.e. I had to
1. do a "ip tcp adjust-mss 1452" against the e0 interface (just like your answer)
2. change the MTU valud to 1300 in my Windows XP LAN
The combination of the above two resolves the VPN packet problem.
While we are on this subject, is there a IOS command I can use so my VPN connection stays active after the idle time, note I think my Windows VPN icon still says connected but all tcp connections are dead?
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...