Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
901
Views
0
Helpful
0
Comments

How to configure ASA 5500 to establish a Citrix connection to a Unix host

TCC_2
Level 10
Level 10

‎06-22-2009 04:11 PM - edited ‎03-08-2019 06:14 PM

Core issue

Unable to configure ASA 5500 tp establish a Citrix connection to a unix host

Resolution

To resolve this issue, perform these steps:

  1. Make sure the policy map command has been issued.

       
  2. Check for the %ASA-6-602101: PMTU-D packet 1420 bytes greater than effective mtu 1350, dest_addr=, src_addr=, prot=TCP %ASA-2-106017: Deny IP due to Land Attack from to error in the log.

       
  3. Change the tcpmss size  to a value that is permissible according to the log. Set it to 1300, as shown in this example:

    ASA5510#conf t

    ASA5510(config)# mtu outside 1500

    ASA5510(config)# sysopt connection tcpmss 1300
       

For more information, refer to the cysopt connection tcpmss command.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents