Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
258
Views
6
Helpful
0
Replies

CSCvw29573 - DOC: When using PPPoE interface on WM FTD tcp-mss borked

tedmittelstaedt
Level 1
Level 1

‎04-21-2022 03:28 PM

This is still an issue in version 7 Firepower code.  It was NOT an issue in the older ASA.

 

I don't care if you think PPPoE is obsolete, it's still used on the Internet.  Get it together and support it when defining a PPPoE interface.

 

Per the following this was known as an issue as it was cited as an example.

Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.2.3 - Advanced Configuration [Cisco Firepower NGFW] - Cisco

See the paragraph:

 

"For example, you might want to configure the maximum TCP segment size (TCP MSS). You can control this setting with the sysopt connection tcpmss command. When configured by Firepower Device Manager, the Firepower Threat Defense default for this option is 0, compared to the ASA default of 1380."

 

The correct command (in version 7 Firepower code) is:

sysopt connection tcpmss 1260

 

1 person had this problem
Labels:
0 Replies 0
Customers Also Viewed These Support Documents