Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
947
Views
0
Helpful
3
Replies

VPN tunnel over DSL MTU problems? I think.

jasonhumes
Level 1
Level 1

‎02-28-2005 11:22 AM

Hi

So I've got three sites, Site A is on a T1 connection in South Carolina and Site B is on DSL in Ontario, Canada and Site C is Wireless in Ontario. Site A and Site B are using 1751V routers and Site C is a pix 501. I've got a Windows2003 Terminal Server in Site B and VPN tunnels from Site A and Site C back to Site B. For some reason, Site C can use the terminal server at Site B, but site A cannont. When they bring attempt to connect, it partially draws the screen, but thats it...never shows the logon box. Also, web browsing to certain sites from Site B (mainly msn.com and some banking sites) dont load fully. I've read that this could be an mtu issue, but I'm not sure how to go about tackling this issue. Also, I've created a PAT for Site A to use the Terminal Server over the internet and it works fine like that...so it seems like a vpn issue...The terminal server pings fine from both sites...any ideas. Thanks

jason

Labels:
0 Helpful
3 Replies 3

jasonhumes
Level 1
Level 1

‎02-28-2005 11:57 AM

So I was able to fix the web browsing problem by adding these commands to the Dialer1 interface of my Site B router;

ip mtu 1400

ip tcp adjust-mss 1360

This seems to have fixed the issues with web pages not loading, but the VPN tunnel problem still exists. Anyone have any ideas. Thanks

jason

0 Helpful

r.banez
Level 1
Level 1
In response to jasonhumes

‎03-07-2005 06:29 PM

I have the same problem with web browsing before. But I placed those on the Ethernet 0 (inside port).

The network here is Site A is using a cisco 831 Router connected to DSL via DSL modem. Site B is using a cisco 827 connected to DSL.

User in Site A can't connect to terminal server in Site B. Only blank green screen. No logon Prompt. But User in Site B can connect to terminal server in Site A.

PCanywhere to Site B rarely works. if it works. it disconnects in less than 1 min.

0 Helpful

griffithd
Level 1
Level 1

‎02-28-2005 02:33 PM

May or may not help, but I had a 1751V behind a concentrator, connecting to another concentrator with inconsistent results until I changed both concentrators to "Do not fragment prior to IPSec encapsulation; fragment prior to interface transmission" under "Interfaces | | General | IPSec Fragmentation Policy".

Darlene

0 Helpful
Customers Also Viewed These Support Documents