MTU is default 1500 the 7200 IOS is 12.2{12} and the 2600 12.2{6c}.
> what is the mtu size of the packets? Not sure if that would make
that kind of mess with the packets, but I have seen some issues with
cisco vpn and mtu sizes...also, what version of the cisco ios?
>
> Steve Schuster
> Midwest ISO
> Security Analyst
>
>
>
>
> -----Original Message-----
> From: Thornton [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, January 23, 2003 12:40 PM
> To: [EMAIL PROTECTED]
> Subject: [FW-1] Gabled headers through Cisco VPN
>
>
> Hello all,
>
> I am on a team that tried to install dual Nokia IP 740's running FP3
at
> a headquarters site. We got them put in no problem and pushed policy,
> etc to them, but we had problems doing netbios type traffic to offsite
> offices. We were originally getting "out of state" packet errors when
> netbios ack type traffic would return so we tried a couple of fixes
and
> they <seemed> to get rid of most of the out of state errors in log
> monitor, but we still could not do NT4 type windows traffic. An
example
> of this would be connecting to a netbios share using
> \\xxx.xxx.xxx.xxx\c$ from a windows run prompt.
>
> We currently have a Cisco 7200 router with a VPN concentrator that
> provides VPNs from HQ to 100+ offsite offices. The VPNs go from the
> above mentioned 7200 and terminate to a Cisco 2600 with no VPN card.
>
> On a hunch we took the VPN off of one of our offsites, and netbios
> traffic magically started working again. We put the VPN back on and it
> stopped working. I called Checkpoint and Nokia and they said the have
> never heard of this.
>
> I checked the logs on the offsite router to see what traffic was
coming
> in and I saw the following:
>
> It appeared that the destination address has been garbled. The third
> octet would get messed up. For example if the packet was destined for
> 199.12.126.212, it would appear as 199.12.1.212 or 199.12.0.212. Also
> the destination port would get garbled and show up as inbound port 80,
> when it should have been 139. What really blows my mind is that if
this
> packet were to be routed, it wouldn't make it to this site. It had to
> be the VPN screwing things up.
>
> I know that this is really long winded and we are checking this out in
> our test lab, but I was hoping that someone has seen something like
> this before. Please let me know.
>
> Thanks for any help,
>
> Andrew
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [EMAIL PROTECTED]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [EMAIL PROTECTED]
> =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [EMAIL PROTECTED]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [EMAIL PROTECTED]
> =================================================
>
>
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
