Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 6 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 756 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Don't Fragmented packet over 1372 byte

Massimiliano Talin1

I have tunnel ipsec in 2 site but don't passet packet over 1372 byte someone can help me to solve the problem

Thaks

for example with a 1400 byte ping from this error

C:\Users\Administrator>ping 192.168.0.249 -l 1400

Pinging 192.168.0.249 with 1400 bytes of data:
Reply from 10.1.128.36: Packet needs to be fragmented but DF set.
Reply from 10.1.128.36: Packet needs to be fragmented but DF set.
Reply from 10.1.128.36: Packet needs to be fragmented but DF set.
Reply from 10.1.128.36: Packet needs to be fragmented but DF set.

Ping statistics for 192.168.0.249:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

C:\Users\Administrator>



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Vivek Jagad

    adding to this post for syntax to change mss or mtu value is as below :

    console> set network mtu-mss PortF1 mtu default mss default 

    In this  case console> set network mtu-mss PortF1 mtu default mss 1360 

    Thanks and Regards

    "Sophos Partner: Infrassist Technologies Pvt Ltd".

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML