Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
297
Views
0
Helpful
2
Replies

IPSec and fragments - windows 2000 DC

tiwang
Level 3
Level 3

‎09-26-2003 02:36 PM - edited ‎02-21-2020 12:47 PM

Hi all

I have a problem with an IPSec tunnel between 2 IOS 12.2 routers with ADSL connections to the internet. I have an win2k srv at each site - one member and one DC. Now I try to promote the second to an DC also - but this fails because the UDP datagrams for the kerberos comms are fragmented - which cannot be assembled again then. I have ran out on god ideas - any suggestions for how such an tunnel should be configured ?? I have set the MTU on both servers to 1300 - just to be sure and in the tunnel I have an MTU set to 1400 so there should'nt be any problems at all with packet size's

Kind regards

Thomas Iwang

Labels:
0 Helpful
2 Replies 2

artherrera
Level 1
Level 1

‎09-28-2003 08:10 AM

very good document for MTU and IP fragmentation:

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml

0 Helpful

mostiguy
Level 6
Level 6

‎09-29-2003 05:07 AM

1. http://support.microsoft.com/?kbid=244474

Try that out - force kerberos to use TCP.

2. ADP, huh? Please increase my paycheck. Thanks ;-)

Matt

0 Helpful
Customers Also Viewed These Support Documents