[93770] in North American Network Operators' Group
Cisco Pix and MSS Question
daemon@ATHENA.MIT.EDU (joej)
Fri Dec 22 17:45:26 2006
Date: Fri, 22 Dec 2006 17:49:48 -0500
From: "joej" <joej@rocknyou.com>
To: <nanog@nanog.org>
Reply-To: <joej@rocknyou.com>
Errors-To: owner-nanog@merit.edu
Happy holidays all.
I hope this isn't too off topic, but am puzzled on how to proceed.
I have a client that is running a web server (Sun One) that cannot
be accessed by various folks. This just started happening about 2 months
ago. What I have found is that the users being affected are behind a
Cisco Pix that was recently upgraded to 7.0.1 Apparently, according to
Cisco's website (http://www.cisco.com/warp/public/110/pix-asa-70-browse.pdf )
the MSS value is being incorrectly sent by the web server. When
this happens of course the site appears in accessible. My question
is what is the correct fix to this from the servers configuration?
Or should I be setting MTUs below the standard to try and correct this?
Sorry if this has been discussed previously, I hadn't seen it.
Thanks very much, in advance
-Joe Blanchard
