I have tried to alter the MTUs but its not helping. Currently set at 1400. TFTP does work perfectly well.

Will share configs and PCAPs

For the chosen / tested MTUs - how did you come up with these? I am not sure if you have access to the end devices but have you tested different MTU sizes with the DF bit set, e.g

You can test this from a windows machine or Cisco Device itself. See below for one of my own sites. Ping source is HQ - Destination WAN is GRE/IPSEC

On a windows machine -

-f = sets the DF bit
-l = buffer size

ping 10.99.0.1 -f -l 1480

Pinging 10.99.0.1 with 1480 bytes of data:
Packet needs to be fragmented but DF set.
Packet needs to be fragmented but DF set.

ping 10.99.0.1 -f -l 1380

Pinging 10.99.0.1 with 1380 bytes of data:
Request timed out.

Ping statistics for 10.99.0.1:
Packets: Sent = 1, Received = 0, Lost = 1 (100% loss),
Control-C

ping 10.99.0.1 -f -l 1370

Pinging 10.99.0.1 with 1370 bytes of data:
Reply from 10.99.0.1: bytes=1370 time=145ms TTL=252
Reply from 10.99.0.1: bytes=1370 time=120ms TTL=252

Note that I did not get a reply until I used 1370 above, however this would not be the optimum tunnel MTU but it then gives you a figure to then work from.

I am also running IPSEC yes.

Combining GRE with IPsec makes it even more likely that Grant has correctly identified the issue. How are you changing the MTU? I have found using ip tcp adjust-mss to be an effective way of solving this kind of issue.

HTH

Rick