Re: Very Strange Problem

Thanks all.. looks like I was putting the ip tcp mss on the wrong interface,
after i put it on the LAN interface instead of the dialer interface
everything started working as needed.. Thanks again.. Every day I learn
something new, I LOVE this forum!!!!!!!!!!!!!!!!!!!!!

Sid

On Fri, Jul 2, 2010 at 6:33 AM, ron wilkerson <ron.wilkerson_at_gmail.com>wrote:

> use a route-map to clear the df bit on the packets from your workstations.
>
>
> On Thu, Jul 1, 2010 at 11:14 PM, Tyson Scott <tscott_at_ipexpert.com> wrote:
>
>> Your dialer MTU should be no higher than 1492. Right now it is at the
>> default of 1500.
>>
>> Try changing the MTU on the host itself to 1300 or something. I changed
>> my
>> MTU on my laptop to 1350 to solve problems when windowing was being
>> ignored
>> by servers.
>>
>> To do it on a windows machine follow these instructions
>>
>> http://smallvoid.com/article/vista-tcpip-mtu.html
>>
>> See if that solves the problem
>>
>> Regards,
>>
>> Tyson Scott - CCIE #13513 R&S, Security, and SP
>> Managing Partner / Sr. Instructor - IPexpert, Inc.
>> Mailto: tscott_at_ipexpert.com
>>
>>
>> -----Original Message-----
>> From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
>> Sidney Spencer
>> Sent: Thursday, July 01, 2010 11:02 PM
>> To: Cisco certification
>> Subject: Very Strange Problem
>>
>> Hello all,
>>
>>
>> I have run into an issue that I am having the hardest time trying to
>> figure
>> out what it is. Here is what is happening:
>>
>> I have a 2801 Router with and ASDL wic installed in it. There is
>> currently
>> 3 site to site VPN's configured, and basic routing, and PAT. What is
>> happening is every time a user behind this router tries to access the
>> internet (going to a site www.yahoo.com or facebook etc) it basically
>> sits
>> there and just continues to load and take forever but never comes up, if I
>> go to www.google.com that has no images to load it comes up really quick
>> with no issue. Here is a kicker, if I try to load a web page on internal
>> site on the other side of the tunnel everything comes up as normal with no
>> problems, the issue is only when I try to access external websites from
>> that
>> location. I am able to ping and telnet to port 80 with no problems. I
>> thought it was a fragmentation issue, so I changed MTU and MSS as low as
>> 1200 and the problem still persists. Has anyone else seen this issue? I
>> found the issue on the internet but have not seen where anyone has come up
>> with a fix for it, so I thought I would see if anyone here may have seen
>> this issue and resolved?
>>
>> The configuration is pretty basic (snippits)
>>
>> F0/0 - Shutdown
>> !
>> interface FastEthernet0/1
>> description $ES_LAN$
>> ip address 192.168.90.1 255.255.255.0
>> ip nat inside
>> ip virtual-reassembly
>> duplex auto
>> speed auto
>>
>> interface ATM0/3/0
>> no ip address
>> no ip mroute-cache
>> no atm ilmi-keepalive
>> dsl operating-mode auto
>> hold-queue 224 in
>> !
>> interface ATM0/3/0.1 point-to-point
>> pvc 8/32
>> encapsulation aal5snap
>> pppoe-client dial-pool-number 1
>> !
>> !
>> interface Dialer1
>> ip address negotiated
>> ip nat outside
>> ip virtual-reassembly
>> encapsulation ppp
>> dialer pool 1
>> dialer-group 1
>> no cdp enable
>> ppp authentication chap pap callin
>> ppp chap hostname xxxxxxxxx
>> ppp chap password 0 xxxxxxxx
>> ppp pap sent-username xxxxxxxxxx password 0 xxxxxxxxx
>>
>> ip route 0.0.0.0 0.0.0.0 Dialer1
>>
>> ip nat inside source route-map internet_nat interface Dialer1 overload
>>
>>
>> ADSL is used because that is the only option in the location in which this
>> router is located. Any ideas on where I should be looking is much
>> appreciated, the next step for me is to probably open a TAC case but
>> wanted
>> to get others thoughts first..
>>
>>
>> Sid
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> stop talking

Blogs and organic groups at http://www.ccie.net
Received on Fri Jul 02 2010 - 09:06:28 ART