eleeexpertsexchange
asked on
Need help configuring my Cisco ASA Firewall to extend MSS limit for outbound traffic
I have a Cisco ASA 5510 firewall and my company uses a third party POP3 providor for email.
I have just installed a Konica Multi-purpose copier that can scan a document and email it. However, when I do this, my firewall stops it with the message:
Dropping TCP packet from inside:10.203.15.202/1025 to outside:204.107.103.101/25 , reason: MSS exceeded, MSS 1380, data 1460
I have seen how I can configure MSS to exceed for traffic coming in, but how can I configure it for traffic going out
I have just installed a Konica Multi-purpose copier that can scan a document and email it. However, when I do this, my firewall stops it with the message:
Dropping TCP packet from inside:10.203.15.202/1025 to outside:204.107.103.101/25
I have seen how I can configure MSS to exceed for traffic coming in, but how can I configure it for traffic going out
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No luck I am afraid.
I applied the configuration without error but one command did not show up in the show run as if it was already the default.
"exceed-mss allow"
So it looks like it applied a empty policy to the external interface. I tried a couple of times but the tcp-map tcp-mss-map comes up blank.
I am still see these sorts of errors in the logs.
I applied the configuration without error but one command did not show up in the show run as if it was already the default.
"exceed-mss allow"
So it looks like it applied a empty policy to the external interface. I tried a couple of times but the tcp-map tcp-mss-map comes up blank.
I am still see these sorts of errors in the logs.
6 Nov 30 2010 14:37:09 PMTU-D packet 1420 bytes greater than effective mtu 1050, dest_addr=[WAN IP], src_addr=[Random web site], prot=tcp
ASKER