06-04-2015 12:57 AM
I am facing Internet browsing issues when traffic distened for internet from client. mail.yahoo.com is not opening on client while yahoo.com works fine. Similarly streaming and apps from apple not working on iphone but traffic distened for data Center works fine. If I remove tunnel protection IPSec from GRE then everything works fine.
Please guide what to do, I have attached a scenario diagram
Solved! Go to Solution.
06-04-2015 04:34 AM
Hello,
It is difficult to suggest, but MTU issue might be the reason of the problem.
Do you have ip tcp adjust-mss command on both tunnel interfaces?
If no, please try to add it:
interface Tunnel X
ip tcp adjust-mss 1300
If it helps, you can then try to increase MMS value from 1300 to 1360 (which is recommended value by Cisco)
06-04-2015 01:02 AM
This can be issue with Fragmentation, Check this doc : http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html
HTH
Abaji.
06-04-2015 02:26 AM
I have gone through that document but there was no change.
06-04-2015 04:34 AM
Hello,
It is difficult to suggest, but MTU issue might be the reason of the problem.
Do you have ip tcp adjust-mss command on both tunnel interfaces?
If no, please try to add it:
interface Tunnel X
ip tcp adjust-mss 1300
If it helps, you can then try to increase MMS value from 1300 to 1360 (which is recommended value by Cisco)
06-04-2015 04:57 AM
what should be the mtu value? I have set 1400 but it was not working then i set it to 1500 but it was not working.
I have also set ip tcp adjust-mss value to 1436.
06-04-2015 05:07 AM
by changing IP tcp adjust-mss 1300. internet browsing stared on clients.
Thanks its now working
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide