09-15-2005 11:35 AM - edited 02-21-2020 12:23 AM
We have recently set up a PIX to PIX vpn between two of our branches. Since this deployment, there are a few web pages that will not open in the remote branch. All other pages open fine in that branch. And the pages that won't open in the remote branch will open in our main branch. I am not a cisco expert by any means--a third party company deployed the PIX's. But what can I look for to possibly resolve this issue w/o getting the 3rd party envolved?
09-16-2005 04:59 AM
You are having MTU issues. Do a search on MTU VPN on CCO and you will get the answer.
09-16-2005 05:28 AM
Thanks I will check into this. Is it possible that this is causing some e-mail (we use IMAP) issues as well??
09-16-2005 05:47 AM
It will cause all sorts of random issues and give you grief. You basically have to either reset the DF bit to 0 or allow ICMP through so that PMTU works properly. A good doc is: IP Fragmentation and PMTUD. Just do a search on CCO.
09-22-2005 05:23 PM
no fixup protocol dns
no fixup protocol http 80
..drive thru!
09-29-2005 08:13 AM
Well this has been a crazy issue. I don't know why, but since the deployment of the VPN, Group Policy hasn't been pushing our proxy settings out to this branch. Im not sure why only a few websites would not display, but I know when I removed the proxy settings from GP, waited for this to replicate, then added the proxy settings back into GP, it is now working fine!
Not sure why but I guess this wasn't a cisco issue:)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide