03-29-2010 03:06 PM - edited 02-21-2020 04:34 PM
I have a customer with a Cisco 3825 functioning as a firewall and "IP inspect fragment max on 256 timeout 1" is configured on the inbound.
Can or will this command have any adverse affects on Cisco SSL Anyconnect client communications?
Solved! Go to Solution.
03-29-2010 10:54 PM
Don't believe that the inspection for fragments will particularly affect AnyConnect traffic. It will be inspecting for a maximum of 256 fragments before it starts to reassemble the packet for inspection. It will have affect on all traffic through the router, but not specifically to AnyConnect traffic.
Hope that helps.
03-29-2010 10:54 PM
Don't believe that the inspection for fragments will particularly affect AnyConnect traffic. It will be inspecting for a maximum of 256 fragments before it starts to reassemble the packet for inspection. It will have affect on all traffic through the router, but not specifically to AnyConnect traffic.
Hope that helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide