cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
710
Views
0
Helpful
5
Replies

Internet browsing issues on ISPec over GRE tunnel

csm_awais
Level 1
Level 1

I am facing Internet browsing issues when traffic distened for internet from client. mail.yahoo.com is not opening on client while yahoo.com works fine. Similarly streaming and apps from apple not working on iphone but traffic distened for data Center works fine. If I remove tunnel protection IPSec from GRE then everything works fine.

 

Please guide what to do, I have attached a scenario diagram

1 Accepted Solution

Accepted Solutions

Boris Uskov
Level 4
Level 4

Hello,

It is difficult to suggest, but MTU issue might be the reason of the problem.

Do you have ip tcp adjust-mss command on both tunnel interfaces?

If no, please try to add it:

interface Tunnel X

ip tcp adjust-mss 1300

If it helps, you can then try to increase MMS value from 1300 to 1360 (which is recommended value by Cisco)

View solution in original post

5 Replies 5

Abaji Rawool
Level 3
Level 3

This can be issue with Fragmentation, Check this doc : http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html

HTH

Abaji.

 

I have gone through that document but there was no change.

Boris Uskov
Level 4
Level 4

Hello,

It is difficult to suggest, but MTU issue might be the reason of the problem.

Do you have ip tcp adjust-mss command on both tunnel interfaces?

If no, please try to add it:

interface Tunnel X

ip tcp adjust-mss 1300

If it helps, you can then try to increase MMS value from 1300 to 1360 (which is recommended value by Cisco)

what should be the mtu value? I have set 1400 but it was not working then i set it to 1500 but it was not working.

 

I have also set ip tcp adjust-mss value to 1436.

csm_awais
Level 1
Level 1

by changing IP tcp adjust-mss 1300. internet browsing stared on clients.

 

Thanks its now working