06-04-2013 08:08 AM - edited 03-04-2019 08:06 PM
Branch office has 881 VPN router. Services that ignore MSS in packets don't work. Adjusting MSS has no effect since the services are ignoring that setting. Example: www.google.com works fine, but some Yahoo sites don't.
Found a workaround for exceeded MSS for PIX and ASA (link below), but can't find anything for VPN routers.
Solved! Go to Solution.
06-04-2013 12:23 PM
MS,
Let me apologize for my earlier response. I was not applying "ip tcp mss-adjust" correctly. I still had the value too high and ended up lowering it to 1300. I also needed to enable "ip tcp path-mtu-discovery" and "tunnel path-mtu-discovery", at both ends of the connection.
After adding everything and applying MSS adjust correctly, my problem has been resolved.
Again, sincerest apologies.
Best regards,
BMac
06-04-2013 08:36 AM
06-04-2013 08:53 AM
No, adjusting MSS value has no effect because the receiving end is ignoring this value in packets. That's why some services work and others don't.
Thanks for trying.
06-04-2013 12:23 PM
MS,
Let me apologize for my earlier response. I was not applying "ip tcp mss-adjust" correctly. I still had the value too high and ended up lowering it to 1300. I also needed to enable "ip tcp path-mtu-discovery" and "tunnel path-mtu-discovery", at both ends of the connection.
After adding everything and applying MSS adjust correctly, my problem has been resolved.
Again, sincerest apologies.
Best regards,
BMac
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: