Solved

MTU question

Posted on 2004-03-24
13
805 Views
Last Modified: 2010-04-11
There is a device on my network using a 1300 mtu.  How can I find out which device it is?
0
Comment
Question by:skippyllh
  • 3
  • 2
  • 2
  • +3
13 Comments
 
LVL 17

Expert Comment

by:RDAdams
Comment Utility
What type of wireless equipment are you running?  How many of them do you have.  Check wireless routers etc.
0
 
LVL 17

Expert Comment

by:RDAdams
Comment Utility
If you have a large network it helps to diagram out each segment.
0
 

Author Comment

by:skippyllh
Comment Utility
There is no wireless.  My network is pretty small.
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
First, how did you determine that there was a device with the MTU setting of 1300?
1300 is a default setting for any system with Cisco VPn client software..
0
 

Author Comment

by:skippyllh
Comment Utility
It was determined by a cisco engineer.  I have a client using my vpn concentrator to access a reporting server.  They have an app that forces them to only use 1500.  They cannot negotiate.  When they try to access my reporting server over a Lan-to-Lan tunnel (pix to 3030 concentrator) the software times out.  I opened a case up with tac and was told after they viewed all of the logs that i have a device in my network that is forcing the mtu to 1300.  it didn't make a whole lot of sense to me and I don't know how to determine the mtu of all of the devices on my network.  (without a lot of manual labor)
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
You only need to look at the client, the server, and all devices between the client and the server.

Client -->PIX-->router<---internet--->router-->VPN3030-->switch?-->server

Each interface of each device in between has the ability to be manually adjusted to specify an MTU
0
 

Author Comment

by:skippyllh
Comment Utility
I've looked at all of those.  There is still an issue.  According to the engineer at tac there could still be a device other than those causing this.  I'm just looking for an automated way to determine the MTU of the devices on my network.
0
 

Accepted Solution

by:
blackss earned 68 total points
Comment Utility
Use network monitor from a W2k server and look for the MTU size you want, or use another network sniffer...find your MTU and look at the IP and u have your culprit.
0
 
LVL 2

Assisted Solution

by:Jman8R
Jman8R earned 66 total points
Comment Utility
If you have a small network, you can check the MTU settings for each PC ( depending on the OS ) through the registry.

See: http://www.winguides.com/registry/display.php/280/

Although, I have seen cases where Cisco equipment themselves force MTU's down to 1300. This, however, was necessary due to the protocol being used over the ADSL connection.

As said in a previous post... The Cisco VPN software sets the above registry key so that the MTU is 1300. Maybe if you know of one of the clients that has that software installed, it would be a good starting point!
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 66 total points
Comment Utility
>> There is a device on my network using a 1300 mtu.  How can I find out which device it is?

umm... can you ping the device? if so, why dont you just ping it then use "arp -a" to get its MAC address which commonly gives general information of this device, such as brandname. of course, you should make sure the ping client should stay in same broadcast domain where the device resides in.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

I was recently sitting at a desk at work with one of my colleagues and needed some information on my home computer. He watched as I turned on my home computer, established a remote session into it, got the information I needed and then shut it down …
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now