Solved

Recommened MSS Value Setting

Posted on 2009-07-05
4
1,222 Views
Last Modified: 2012-05-07
I would like to know the recommened MSS value settings in Cisco ASA 5510.
I am using Cisco ASA 5510 to connect to internet & NATing is enabled to it.

I am getting the following alerts in the Cisco ASA. Default MSS is configured in the Cisco ASA

%ASA-4-419001: Dropping TCP packet from outside:1.1.1.1/80 to inside:2.2.2.2/59924, reason: MSS exceeded, MSS 1380, data 1460

Would like to know what is the recommended MSS settings to be configured so that the packets are not rejected.

0
Comment
Question by:SrikantRajeev
  • 3
4 Comments
 
LVL 14

Expert Comment

by:uucknaaa
ID: 24779256
Hi

Here's a Cisco document that explains the problem and has a workaround:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00804c8b9f.shtml

I'm checking a couple of other solutions.  I'll be back.
0
 
LVL 14

Expert Comment

by:uucknaaa
ID: 24779266
And ..

I've been reading this:

http://www.cisco.com/en/US/tech/tk870/tk877/tk880/technologies_tech_note09186a008011a218.shtml

and am wondering if the parameter needs to be adjusted in Windows?  

Check it out and see what you think?
0
 
LVL 14

Accepted Solution

by:
uucknaaa earned 500 total points
ID: 24779295
Hi

It looks like the recommended size is 1452.  There is an explanation in the usage guidelines for the command in this doc:

http://www.cisco.com/en/US/docs/ios/12_3/wan/command/reference/wan_i1g.html

Hope this all helps the problem you are seeing.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 31599889
Thanks
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
nipper studio 2 44
NAS with google authentication 6 98
Is my window10 Safe? after a malware removed by AV? 5 47
How to Create Separate Guest WiFi VLAN on Netgear R8000 19 51
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question