06-29-2008 12:32 AM - edited 03-03-2019 10:32 PM
Hello everybody
i'm actually configure a router cisco 871.
My objectives:
- access to internet
- Create a VPN Site to Site
for the internet connection all is ok
no more problem.
But i have a serios problem with my VPN. I created a VPN-Site-to-Site between this router and Netasq F200. VPN is working but when i want to ping form computer behing my cisco, all is ok i can ping 192.168.6.5 which is my netasq address, i can ping server (192.168.6.1)
but if i want to make a 2048 bytes ping on the netasq i can but if i make
ping -l 2048 192.168.6.1 (the server) i can't i don't have any answer. But i used ethereal on server i see icmp incoming form my computer on the netasq i see the answer which come to the cisco but i don't have any answer on my computer. On ethereal i see that there are fragments i tryed to modify MSS (cause i can't modify MTU) but there were no effect.
Please i need to make ping with 2048 bytes it's for GPO (Windows) I attach config file. I hope u'll help me.
06-29-2008 03:26 AM
Hello Mathieu,
you can follow the guidelines of the document
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008081e621.shtml
I would suggest you to reduce the IP MTU with the command ip mtu 1380 under interface vlan1.
MSS applies only to TCP so it isn't effective for ICMP traffic.
hope to help
Giuseppe
06-29-2008 06:59 AM
i already reduced mtu but no way
i cant make ping with 2048 byte on the distant router and it's working but not server behind this router
a little diagram :
IPSec tunnel
internet
Server - - - - ROUTER - - - - - - ROUTER
192.168.0.1 CISCO 871 NETASQ F200
192.168.0.3 192.168.6.5
and behind router i have another server : 192.168.6.1
if i ping (2048) from 192.168.0.1 to 192.168.6.5 it's ok
if i ping (2048) from 192.168.0.1 to 192.168.6.1 no answer
if i ping (normal) form 192.168.6.1 to 192.168.0.3 it's ok
if i ping (2048) from 192.168.6.1 to 192.168.0.3 no answer
it's same if i ping from 192.168.6.1 to 192.168.0.1
i don't understand
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide