Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
278
Views
0
Helpful
1
Replies

IMCP traffic thru FWSM

npeter77
Level 1
Level 1

‎02-25-2005 07:35 AM - edited ‎03-10-2019 01:31 PM

Hi,

I have a FWSM running 1.1(3). When I try to ping to any outside host with packet size less than 1427 its working but if the packet size if more than 1427, I get a request timed out for the ping. Is there anyway of making ping with packet size greater than 1427 go thru FWSM.

Regards,

Naveen Peter

Labels:
0 Helpful
1 Reply 1

jboyer
Level 1
Level 1

‎02-25-2005 08:26 AM

I suspect somewhere between you and your ping destination there is a MTU at 1427 and if you send a ping larger than that it is being fragmented. Most well designed networks will drop ICMP fragements. There is no legitimate reason for an ICMP (particularly echo/echo-reply) to exceed a single packet. You can debug ip packets on the interface to verify it is leaving your firewall.

0 Helpful
Customers Also Viewed These Support Documents