Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Why am I Unable to use Some Microsoft Services Over a VPN?

0

0

Article ID: KB4828 KB Last Updated: 14 Nov 2011Version: 5.0
Summary:
Why am I Unable to use Some Microsoft Services Over a VPN?
Symptoms:

Solution:
Note: This article applies to ScreenOS 4.0.

Some Microsoft services use NetBIOS over TCP/IP. This type of traffic has the Don't Fragment (DF) bit set in the header of the packet. By default, any large packets that require fragmentation will be dropped by the NetScreen if the DF bit is set.

Note: If the DF bit is set by the application, the set flow path-mtu command is used from the Command Line Interface (CLI). This command will ensure the source reduces the MTU size so that fragmentation would not occur. If the DF bit is not set, the NetScreen should pass that traffic.

Step one: Open the CLI. For information on how to open the CLI, go to Accessing the Command Line Interface Using Telnet.

Step two: From the Command Prompt, enter set flow path-mtu, and then press ENTER.

Image of step two

Step three: From the Command Prompt, enter save, and then press ENTER.

Image of step three

Note: If fragmentation is the issue, the Maximum Segment Size can be set to 1400. This can be done with the set flow tcp-mss command.

Step three: From the Command Prompt, enter set flow tcp-mss, and then press ENTER.

Image of step four

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search