Just added it to the global config an on the Cisco 877 and it still says I need to add it. Could it be the ASA side?

You can try adding the command to the ASA. Are you having problems sending data through the L2L VPN tunnel. I have found the 'ip tcp adjust-mss 1440' command to be very helpful is addressing MTU problems over IPSEC connections. Configure this command under the LAN facing interface on the 877 and check your connection between the hosts on the LAN instead of using the SDM to test.

HTH

Sundar

It all seems to be fine, but the SDM recommends this after doing a test of the tunnel.

Should I add that to the global config of the ASA?

I've added 'ip tcp adjust-mss 1440' tot he VLAN 1 of the 877.

It doesn't hurt to use the df-bit clear command to the global configuration of the ASA.

When I do it's ask what interface:

ASA5520(config)# crypto ipsec df-bit clear ?

configure mode commands/options:

Current available interface(s):

DMZ1 Name of interface GigabitEthernet0/2.6

inside Name of interface GigabitEthernet0/1

management Name of interface Management0/0

outside Name of interface GigabitEthernet0/0

Would it just be the outside?

That would be correct if your VPN connection terminates on the outside interface.

HTH

Sundar

Added to the outside but that request to add still remains, nevermind.

Guess it's no problem being in there?

I wouldn't worry about it. Especially, since your VPN tunnel seems to be up and passing traffic and users aren't having any problems.