Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3777
Views
0
Helpful
1
Replies

Change MTU for just one Site-to-Site VPN between ASAs?

Mike Thomas
Level 1
Level 1

‎09-18-2012 10:23 AM

        Hi -

I'm setting up a Site-to-Site Cisco VPN between ASAs. I'm being told by the remote site engineer to set the maximum MTU at 1362.

Is it possible to set the MTU for one specific site-to-site VPN on my ASA 5510 Security Plus to MTU 1362? I see my interfeces are all set at 1500.

If not, would you recommend I setup a subinterface on my inside network router and a subinterface on the ASA with an MTU of 1362 to get around this issue? Then use this subinterface for traffic from my inside network to transverse through prior to hitting the VPN.

Thank you.

Labels:
0 Helpful
1 Reply 1

david.tran
Level 4
Level 4

‎09-18-2012 06:35 PM

I would not worry too much about UDP traffics.  I rather concentrate on TCP traffics because almost all of the issues will be TCP.

Therefore, I would set the MSS value to 1362 or may be like 1300:   sysopt connection tcp-mss 1300

That will solve most of  your issues.

0 Helpful
Customers Also Viewed These Support Documents