<html><body><div style="color:#000; background-color:#fff; font-family:times new roman, new york, times, serif;font-size:12pt"><div><span><font size="3">Thanks for your reply Seun i did it on the interface </font>connecting to the internet (outside interface)<font size="3"> </font></span></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "> </div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><font size="6"><i><font color="#aea945" face="comic sans ms">God be with u all</font><img src="http://us.i1.yimg.com/us.yimg.com/i/mesg/tsmileys2/40.gif"></i></font> </div> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><font color="#b27c51" face="times new roman" size="6"><i>A true friend is someone who reaches for your hand and touches your heart</i></font>.<img
src="http://us.i1.yimg.com/us.yimg.com/i/mesg/tsmileys2/09.gif"></div><div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "><br></div> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt; "> <div dir="ltr"> <font size="2" face="Arial"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> Seun Ojedeji <seun.ojedeji@gmail.com><br> <b><span style="font-weight: bold;">To:</span></b> Onowojo E. <eonowojo@yahoo.com> <br><b><span style="font-weight: bold;">Cc:</span></b> Nigeria Nog <afnog@afnog.org> <br> <b><span style="font-weight: bold;">Sent:</span></b> Friday, August 3, 2012 10:26 PM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: [afnog] VPN mtu<br> </font> </div> <br>
<div id="yiv768829756">Hello Emmanuel,<br><br>On which interface did you do the reduction? trust its on the local side of the link? and you used something similar to below:<br><br>ip tcp adjust-mss 1300<br><br>Perhaps you could check packet size that goes through and then configure with that, you can use the following(i am using debian): ping <other side url>-s 1300 (increase or reduce the MTU untill you get a perfect one and then apply the command above)<br>
<br>Cheers!<br><div class="yiv768829756gmail_quote">On Fri, Aug 3, 2012 at 9:51 PM, Onowojo E. <span dir="ltr"><<a rel="nofollow" ymailto="mailto:onowojemma@yahoo.com" target="_blank" href="mailto:onowojemma@yahoo.com">onowojemma@yahoo.com</a>></span> wrote:<br><blockquote class="yiv768829756gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div><div style="font-size: 12pt; font-family: 'times new roman', 'new york', times, serif; "><div style="font-size:12pt;">Hello all,</div><div><font size="3">i just configure an ipsec site to site vpn between Asa and a cisco 2811 router using cisco ASDM and CCP ,but the </font>tunnel comes up when i did and extended ping and after a while it goes down i try use cisco configuration professional (ccp ) to trouble shoot the link and it bring out this error <span style="color: rgb(39, 61, 73); font-size: 13px; font-family: arial; ">"A ping with data size of this VPN interface MTU size and 'Do not </span><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">Fragment' bit set to the other end VPN device is failing. This may </span><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">happen if there is a lesser MTU network which drops the 'Do not </span><span style="color: rgb(39, 61,
73); font-family: arial; font-size: 13px; ">fragment' packets."</span></div>
<div><span style=""><font color="#273d49" face="arial">CCp suggests I can use crypto ipsec df-bit clear to resolve this or contact our ISP to resolve </font></span></div><div><span style=""><font color="#273d49" face="arial">i have reduce the mtu on the ASA and the router to </font></span><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">1300,</span><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">1460, 1400 and 1480 but still the network is slow and the tunnel will just go off when more user use the network and the tunnel goes down.</span></div>
<div><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">they are for branch and linking to the asa.</span></div><div><span><span style="color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">thanks for all you support in advance </span></span></div>
<div><span style="background-color: rgb(0, 0, 0); color: rgb(39, 61, 73); font-family: arial; font-size: 13px; ">I </span></div><div style="font-size:12pt;"> </div><div style="font-size:12pt;">
<font size="6"><i><font color="#aea945" face="comic sans ms">God be with u all</font><img></i></font> </div> <div style="font-size:12pt;"><font size="6" color="#b27c51" face="times new roman"><i>A true friend is someone who reaches for
your hand and touches your heart</i></font>.<img></div><div style="font-size:12pt;"><br></div> </div></div><br>_______________________________________________<br>
afnog mailing list<br>
http://afnog.org/mailman/listinfo/afnog<br></blockquote></div><br><br clear="all"><br>-- <br>------------------------------------------------------------------------<br>
<font color="#888888"><blockquote style="margin: 0pt 0pt 0pt 0.8ex; border-left-width: 1px; border-left-style: solid; border-left-color: rgb(204, 204, 204); padding-left: 1ex; font-family: garamond, serif; ">
<i><span style="color:rgb(0,102,0);">Seun Ojedeji,<br style="color:rgb(0,102,0);"></span><span style="color:rgb(0,102,0);">Federal University Oye-Ekiti<br style="color:rgb(0,102,0);"></span><span style="color:rgb(0,102,0);">web: </span>http://www.fuoye.edu.ng<br>
<span style="color:rgb(0,102,0);"></span><span style="color:rgb(0,102,0);">Mobile: <a rel="nofollow" href="">+2348035233535</a></span><span style="color:rgb(0,102,0);"></span><br></i><i><span style="color:rgb(0,102,0);">alt email:<a rel="nofollow" target="_blank" href="http://goog_1872880453/"> </a><a rel="nofollow" ymailto="mailto:seun.ojedeji@fuoye.edu.ng" target="_blank" href="mailto:seun.ojedeji@fuoye.edu.ng">seun.ojedeji@fuoye.edu.ng</a></span></i><br>
</blockquote></font><br><br>
</div><br>_______________________________________________<br>afnog mailing list<br><a href="http://afnog.org/mailman/listinfo/afnog" target="_blank">http://afnog.org/mailman/listinfo/afnog</a><br><br> </div> </div> </div></body></html>