Firewall Wizards: R: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Firewall Wizards mailing list archives

R: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall

From: "edp" <edp.lists () acerbis it>
Date: Thu, 18 Dec 2003 09:46:32 +0100

The simple solutions are:
- - use 'ip tcp adjust-mss 1400' on a router seeing traffic in the

clear to > force MSS to 1400 so IP datagram size to 1420 (of course 1400
is just a >guess), this will cover all TCP traffic

- - set 'ip mtu 1500' on the GRE tunnel interface (yes 1500 bytes)



Just for clarity, with a mss option set to 1400, the ip packet size will
be 1440.




_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

By Date By Thread

Current thread:

MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall marcel . cook (Dec 06)
- RE: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall Ben Nagy (Dec 11)
- R: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall edp (Dec 12)
- Re: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall Eric Vyncke (Dec 16)
  - R: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall edp (Dec 19)
- <Possible follow-ups>
- Re: MTU issue routing traffic via Cisco GRE tunnel to Nokia/Check Point firewall rainer . ginsberg (Dec 10)