01-13-2006 02:11 AM
We have implemented a BBSM server for a customer at their data centre. Remote site users connect to the Internet through BBSM via GRE tunnels from a defined guest VLAN over the WAN via wireless connectivity.
Computers are successfully located and authenticated using access codes on the BBSM.
During testing we have noted that devices can only browse the Internet once authenticated if their LAN interface MTU is set to 1300 (i.e. when set manually or when the Cisco VPN client is installed which sets the MTU at install).
'Normal' laptops with MTU at default of 1500 cannot browse the Internet.
We believe the problem is to do with the Internet connection the customer has (supplied/managed by a third party and protected by a NetScreen firewall), however we would like to confirm that this is likely.
We are able to web browse from the BBSM server itself, however... which seems odd...
Any ideas?
Solved! Go to Solution.
01-16-2006 09:26 AM
Hello,
You can try to configure "ip tcp adjust-mss 1300", which will intercept the TCP Syn packet during session setup in that it sets MSS to 1300 Bytes. The MTU of the clients will stay at 1500 and TCP does it´s thing.
This works well for all sorts of tunnels, IPSec and the like. For the command details have a look at
Hope this helps! Please rate all posts.
Regards, Martin
01-16-2006 09:26 AM
Hello,
You can try to configure "ip tcp adjust-mss 1300", which will intercept the TCP Syn packet during session setup in that it sets MSS to 1300 Bytes. The MTU of the clients will stay at 1500 and TCP does it´s thing.
This works well for all sorts of tunnels, IPSec and the like. For the command details have a look at
Hope this helps! Please rate all posts.
Regards, Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide