B-51
User Guide for CiscoSecurity Manager3.0.1
OL-8214-02
AppendixB Site-to-Site VPN User Interface Reference Site to Site VPN Policies
Field Reference
TableB-18 VPN Global Settings Page> General Settings Tab
Element Description
Fragmentation Settings
Fragmentation Mode Supported on Cisco IOS routers and Catalyst 6500/7600 devices.
Fragmentation minimizes packet loss in a VPN tunnel when
transmittedover a physical interface that cannot support the original
size of the packet.
Select the required fragmentation mode option from the list:
•NoFragmentation - Select if you do not want to fragment prior
to IPSec encapsulation. After encapsulation, the device
fragments packets that exceed the MTU setting before
transmitting them through the public interface.
•End to End MTU Discovery - Select to use ICMP messages for
the discovery of MTU. Use this option when the selected
technology is IPSec.
End-to-end MTU discovery uses Internet Control Message
Protocol (ICMP) messages to determine the maximum MTU
that a host can use to send a packet through the VPN tunnel
without causing fragmentation.
•Local MTU Handling - Select to set the MTU locally on the
devices. This option is typically used when ICMP is blocked,
and when the selected technology is GRE.
For more information, see Understanding Fragmentation,
page 9-72.
Local MTU Size Supported on Cisco IOS routers and Catalyst 6500/7600 devices,
when Local MTU Handling is the selected fragmentation mode
option.
The MTU size can be between 540 and 1500 bytes.