Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
625
Views
0
Helpful
2
Replies

File Copy issue over IPSEC Tunnel

sethka
Level 1
Level 1

‎07-22-2008 10:41 AM - edited ‎02-21-2020 03:50 PM

Hello-

I have a LAN-to-LAN VPN in place. I have a Cisco 3030 on one side and a Cisco 3020 on the other side. If I try to copy file bigger then 10mb over this VPN tunnel from one Windows server to another Windows server it fails after a while and says "network name is no longer available".

During my failed copy attempts, I started a continuous ping from server A to server B and I do not drop one single packet. The VPN tunnel is up at all times and I see packets encrypting and decrypting. I also see no errors on either Concentrators log and both are running the latest code. Any help would be greatly appreciated.

Thanks in advance.

Labels:
0 Helpful
2 Replies 2

hadbou
Level 5
Level 5

‎07-28-2008 10:11 AM

Add the command to both the routers 3020 and 3030 at the end of the tunnel which may solve the issue you are facing.To adjust the maximum segment size (MSS) value of TCP SYN packets going through a router, use the ip tcp adjust-mss command in interface configuration mode. To return the MSS value to the default setting, use the no form of this command.

0 Helpful

andrew.prince
Level 10
Level 10

‎08-02-2008 09:42 AM

I agree with hadbou, but you don't actually need to add it on both sides, as only one side needs to see the transient TCP packets, but first you must see what MSS is being negotiated in the TCP handshake. use wireshark and capture the session - once you know what MSS is being negotiated, you actually need to see what the optimum MTU should be - use mturoute (google it)

Then choose the mss that will work for you.

HTH>

0 Helpful
Customers Also Viewed These Support Documents