Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2343
Views
0
Helpful
1
Replies

ASA, IPSec pre-fragmentation

isk-admin
Level 1
Level 1

‎11-29-2007 11:14 PM - edited ‎02-21-2020 01:48 AM

We have an site-to-site IPSec-VPN with an external company. This company use rdp to manage their server in our LAN. Suddenly rdp did not function. After I choose the feature IPSec Prefragmentation Policy and set the DF Bit Policy from copy to clear it works again good. What does this option do?

I think the problem started with update WINDOWS2003 MS05-19.

0 Helpful
1 Reply 1

Not applicable

‎12-06-2007 02:34 PM

Sometimes larger packets needs to be fragmented before being transmitted. DF(Dont Fragment) option in the ip packet from the client prevents this fragmentation. When you set clear DF bit, ASA automatically clear this DF bit if the size of the packet is larger than the capacity.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card