Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Cisco Community November 2020 Spotlight Award Winners

Users unable to connect to the Exchange server through an IPsec tunnel on the VPN 3000 Concentrator

Labels:
435
Views
0
Helpful
0
Comments
TCC_2
Advocate
‎06-22-2009 05:11 PM
edited on: ‎06-22-2009 ‎05:11 PM

Core issue

IPsec adds more header to the packets exchanged across the tunnel. This issue can be related to the  fragmentation of packets. Outlook uses Path MTU for the fragmentation policy, but this is not enabled by default on the VPN 3000 Concentrator.

Resolution

Complete these steps to resolve the Path MTU size issue:

  1. Select the Public interface.

  2. Check the IPsec fragmentation policy that you have enabled.

  3. Set this policy to Fragment prior to IPSec encapsulation without Path MTU Discovery (Clear DF bit).

  4. Try the connection again.

Note: Once you change this setting, it brings down all the other tunnels you have at the moment since something has changed to the way the VPN Concentrator must handle the tunnels.

0 Helpful
Latest Contents
Cisco ISE BYOD Andriod
Created by Nitesh Saxena on 02-24-2021 12:19 PM
0
0
0
0
Hi Guys, I need some help, i am deploying BYOD for andriod and i need to know the ip address for teh google play which should be allowed to download app. I am not able to find out all the ip address which is required. Thanks
ASA 5505 - Input Errors
Created by antoninNet on 02-24-2021 10:44 AM
1
0
1
0
Hello everyone, I am happy that I joined this community. I know that this is the best place to learn and help people, but at this moment I need some help because it's very urgent. I have 2 ASA 5505 connected by an interface. The interface is to ... view more
ISE 2.7 - CrowdStrike remediation support
Created by Roberto.Carmona on 02-24-2021 09:44 AM
1
0
1
0
Hi experts, Doing some research for a customer's project. I found that ISE does not contains any posture remediation actions for Crowdstrike software (please see attachment). I've check both the AntiMalware and AntiVirus remediation options and didn'... view more
Firepower Cloud Services/Smart license - Region Issue
Created by KiloBravo on 02-24-2021 09:28 AM
0
0
0
0
Have a couple of firepower devices in HA , managed by FDM. I'm trying to add a token for smart licensing registration however I can't seem to see or select any option other than 'US region'. This is happening under both the cloud services registration and... view more
RV345 Client-To-Site VPN not working
Created by mydeevel on 02-24-2021 08:16 AM
3
0
3
0
Hi, can anyone help me to how setup a client-to-site vpn on RV345 router, I've tried many ways but no luck. I already went through the Cisco guide for this onhttps://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb... view more
Content for Community-Ad