| Knowledge Base ID: | KB4586 |
| Version: | 4.0 |
| Published: | 22 Jun 2009 |
| Updated: | 22 Jun 2009 |
| Categories: |
 Firewall/IPSec_VPN Traffic Engineering Management (Admin) ScreenOS |
- set flow tcp-mss
- set flow all-tcp-mss PPPoE
For NS-5GT, SSG-5, and SSG-20 devices, the command 'set flow tcp-mss'is enabled by default to 1350.
On all other Juniper firewall devices, the command 'set flow tcp-mss' is disabled, i.e it is not set by default in the configuration.
Enter the command 'get flow | inc mss' to see the current values. For example, look for the following fields:
flow change tcp mss option for all packetsis not set
flow change tcp mss option for vpn packets = 1350
Enter the command 'get config | inc mss' to see the configured settings.
For more information on the difference between the two MSS options, refer to KB6346 - What does set flow all-tcp-mss and set flow tcp-mss do.
Note: If PPPoE is enabled and bound to an interface, the command set flow all-tcp-mss 1304 will be added, if there was no previous set flow all-tcp-mss command configured.
