Hi,
I'm trying to set up a tunnel between a Checkpoint Safe@Office 500 device to a Cisco 837 router. I've used SDM to set up the tunnel and everything seemed to work and ping shows that the connection is stable. But I then noticed the connection is very slow and several services complained of connection failures. Running the test in SDM, I get the following output: "A ping with data size of this VPN interface MTU size and 'Do not Fragment' bit set to the other end VPN device is failing. This may happen if there is a lesser MTU network which drops the 'Do not fragment' packets." SDM also suggests I can use crypto ipsec df-bit clear to resolve this. I tried lowering the MTU on the Cisco (issued ip mtu 1400 on the Dialer0 interface) and also tried lowering the MTU on the Checkpoint device but no still no success.
Although I'm a software developer I'm not very familiar with CLI so please don't be brief if you suggest making any changes on the Cisco ;) Here's the current config:
Dan