Hi all,
We've replaced our old PIX 515 firewall with a newly bought ASA 5510.
Now some of our customers complain because they can not login on our website. We use the Verisign Certificates plugin to authenticate users on our website.
Everything else is working exept the login procedure.
Now a helpdesk employee of some internet provider told a customer to lower the MTU, it seemed that using some kind of application (as for example our verisign plugin) resulted in failing connections.
The customer lowered the MTU and indeed, the problem disappeared.
Now for as far i know, i have the exactly same configuration on our ASA as we had on our PIX.
I even allowed all ICMP on inside and outside interfaces to allow "ICMP can't fragment (type 3, code 4)" and Path MTU Discovery.
Still, when users do not lower their MTU, they can not login.
Can anybody help me what config i should check or what debugging i should monitor ?
Thanks in advance !
Sebastian