Pix501 and MTU Weirdness

Discussion in 'Cisco' started by Axel Hagedorn, Feb 11, 2004.

  1. Hi All.

    We have a problem sending bigger packets through our VPNs. The VPNs are
    set up between two Pix501 that are connected to the internet via fixed-IP
    ADSL or SDSL (the problem occours with any combination of modems).

    Sending a normal (small) ping through the tunnel is never a problem. But
    sending bigger pings (e.g. 10000) (or file-transfers respectively) don't
    get through depending on the outside MTU size of the pix:

    If we set all MTU sizes (inside and outside on both Pixes) to 1500 the big
    ping does not get through.

    Now, if we set the MTU size on the outside interfaces to 1160, bigger
    pings do get through - but now there's the weird thing: The actual packet
    size of the packets being sent over the net is 1500!!!! So it seems, the
    two pixes talk to each other and agree on the MTU 1500. But if this works
    with the preset value of 1160 - why does it not work with 1500 on the

    Did anyone have any similar experiences - or any hint that could help on
    finding out the reason for this behaviour. (Any MTU background info would
    be appreciated too.)

    Best regards and thanks for any help,



    "If Microsoft is ever going to produce something that does not suck,
    it is very likely a vacuum cleaner."

    Axel Hagedorn - Darmstadt/Germany -
    Axel Hagedorn, Feb 11, 2004
