I'm experiencing a strange problem with a GRE over IPSec tunnel between two Cisco routers.
The configuration is tested and has been working for a long time, except for a single application. This client-server application works on UDP and this is what happens:1) app-client generates a 1800 bytes UDP packet 2) packet is fragmented 1500 + 300 by the first router met 3) the two fragmented packets (1500 and 300) hit the VPN tunnel interface but they don't make it to the other side of the tunnel. It looks as they're silently dropped, app-server never sees them.
The tunnel works in transport mode and ip mtu is set to 1440 bytes, the load on the VPN routers is very very low. The tunnel perfectly fragments packets bigger than 1440 but smaller than 1500
Thank you for any advice