cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
403
Views
0
Helpful
1
Replies

IPSEC over IPSEC over MPLS

martynbeck
Level 1
Level 1

Im running a lab combined with production test where we have desktop device traffic travelling over a pix to pix ipsec tunnel, itself which is tunnelled over a pix to pix ipsec tunnel, transiting over a provided MPLS segment (the MPLS which i have no vision of). There are issues with packet MTU, with all the kit at default 1500 mtu, pings drop at 1375 bytes. Forcing a lower MTU of 800, and the pings start droping at 661 bytes. Needless to say the desktop applications have issues... Before I start to look at changing DF bits/TCP MSS, I am wondering if anyone has worked this scenario previously, and found a resolve ??

Thanks

Martyn

1 Reply 1

umedryk
Level 5
Level 5

I believe changing the DF bits is the best solution for this issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: