Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1070
Views
0
Helpful
1
Replies

BBSM MTU Problem

Go to solution
Aaron Harrison
VIP Alumni
VIP Alumni

‎01-13-2006 02:11 AM

We have implemented a BBSM server for a customer at their data centre. Remote site users connect to the Internet through BBSM via GRE tunnels from a defined guest VLAN over the WAN via wireless connectivity.

Computers are successfully located and authenticated using access codes on the BBSM.

During testing we have noted that devices can only browse the Internet once authenticated if their LAN interface MTU is set to 1300 (i.e. when set manually or when the Cisco VPN client is installed which sets the MTU at install).

'Normal' laptops with MTU at default of 1500 cannot browse the Internet.

We believe the problem is to do with the Internet connection the customer has (supplied/managed by a third party and protected by a NetScreen firewall), however we would like to confirm that this is likely.

We are able to web browse from the BBSM server itself, however... which seems odd...

Any ideas?

Aaron Please remember to rate helpful posts to identify useful responses, and mark 'Answered' if appropriate!
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mheusinger
Level 10
Level 10

‎01-16-2006 09:26 AM

Hello,

You can try to configure "ip tcp adjust-mss 1300", which will intercept the TCP Syn packet during session setup in that it sets MSS to 1300 Bytes. The MTU of the clients will stay at 1500 and TCP does it´s thing.

This works well for all sorts of tunnels, IPSec and the like. For the command details have a look at

http://www.cisco.com/en/US/products/ps6350/products_command_reference_chapter09186a00804449e0.html#wp1121272

Hope this helps! Please rate all posts.

Regards, Martin

View solution in original post

0 Helpful
1 Reply 1

Go to solution
mheusinger
Level 10
Level 10

‎01-16-2006 09:26 AM

Hello,

You can try to configure "ip tcp adjust-mss 1300", which will intercept the TCP Syn packet during session setup in that it sets MSS to 1300 Bytes. The MTU of the clients will stay at 1500 and TCP does it´s thing.

This works well for all sorts of tunnels, IPSec and the like. For the command details have a look at

http://www.cisco.com/en/US/products/ps6350/products_command_reference_chapter09186a00804449e0.html#wp1121272

Hope this helps! Please rate all posts.

Regards, Martin

0 Helpful
Customers Also Viewed These Support Documents