Enabling IP Fragmention on CIsco ASA IPSEC VPN Tunnel
Posted on 2010-01-06
I have a IPSEC VPN tunnel between a ASA-5505 and a 891 router. When I attempt to transmit security camera video over the IPSEC tunnel, I get Syslog ID error 106020 - Denying IP teardrop fragment. This results in my video stream being cancelled.
I have tried
ip audit signature 1103 disable
with no luck, to disable the inspection. What I would like to do, is disable the inspection of any traffic on the tunnel, or at bare minimum disable the fragmention inspection on the WAN of the ASA. Please advise as to the best mehtod of disabling that inspection, and dealing with fragmentation from Unix and camera hosts.