Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
393
Views
0
Helpful
2
Replies

MSS exceeded messages in version 7.0(2)

bjelf
Level 1
Level 1

‎08-31-2005 08:14 AM - edited ‎03-09-2019 12:18 PM

Anyone using version 7.0(2) getting alot of these:

PIX-4-419001: Dropping TCP packet from outside:xxx to inside:xxx/80 reason: MSS exceeded, MSS 1380, data 1404

I'm seeing a lot and woorried that this is legitimate traffic being blocked. Thinking of using the workaround I found here:

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a00804c8b9f.shtml

..but wondering if you guys are seeing similar issues since there are a "few" web servers out there that don't honor the MSS value.

Thanks

-Dan

Labels:
0 Helpful
2 Replies 2

f-mulder
Level 1
Level 1

‎08-31-2005 10:48 AM

Hello Dan, there are indeed web servers that don’t respect the MSS value. In the work around document there is a example, its up to you if you implement it.

I have don it for only one web server which was required for the finance department.

Regards, Freddy

0 Helpful

bjelf
Level 1
Level 1
In response to f-mulder

‎08-31-2005 12:26 PM

Oh thanks Freddy. I've seen this on 4 or 5 of our web servers. Seems to be a mix of apache and IIS though. That's why I thought it odd.

0 Helpful
Customers Also Viewed These Support Documents