We have a problem when trying to Browse our Windows Domain via our new ADSL site-to-site VPN. Users logging into the Domain also seem to take a long time to map drives / shares etc.
Tunnel is up ok and can ping devices at either end. However, we do see some ping responses occasionally time-out.
We're using Windows 2000 server's and a combination of 98 & XP for the clients.
VPN is between a PIX at our HO and a 1721 at the remote site - we also use a 2621 which connects to the ISP via ADSL PPOA.
I believe there is a need to adjust the MTU settings on certain interfaces when using this type of configuration due to Fragmentation etc.. I have done this on the 2621 FastEthernet (ip tcp adjust-mss 1452) and Dialer interface (MTU 1492). I have also done this on the 1721 at the remote site. However, I haven't changed the MTU on the PIX - this is still set to 1500.
Could anybody please explain why these adjustments are necessary and if I'm using the correct values for a VPN over ADSL / PPOA.
Also, do I need to adjust the MTU on the Pix inside & outside interfaces.?
Is this the likely cause of the Windows browsing problem.?
I am also aware of a Service Pack issue on Windows 2000 which I'm looking into.
I have attached a diagram (which includes configs).
Any help appreciated.
Thanks....John