This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

MTU and MSS with RED

Hi,

Just wondering if someone can shed any light or point me towards and Sophos Utm guides with regard to setting MTU and MSS.

We have approx 50 or more RED devices all throughout the country and all are running on 3G / 4G.

These connections keep dropping randomly on all of these RED devices.

I have a feeling this issue is due to MTU issues from checks I have carried out. I come from a Cisco background and I understand how and why these settings need to be adjusted but I'm just wondering where in Webadmin or elsewhere in UTM can I change these MTU and MSS settings for RED ? and also is there any sophos utm documentation that shows how to adjust these values ?

Many thanks.



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    Go to Interface & routing > Interface > Click Edit for the required RED interface > Click on Advanced to view the MTU settings. 

    Note: The interface will be restarted once you save the changes.

    Reference screenshot:

    Thanks,

  • Many thanks Harsh,

    I have came across that setting but I'm wondering is that setting for MTU on both the RED and its interface on the UTM or just the RED itself or just the UTM RED interface ?

    Is there anyway to choose interfaces like VTI (Virtual tunnel interfaces) or even interfaces themselves on the RED ?

    Like if I set the MTU where you have highlighted in red will it affect both sides of the link ? ie. the RED device and the UTM side also or just the RED side ?

    Is there any documentation from Sophos on how to set utm ?

    Thanks Very much.

  • FormerMember
    0 FormerMember in reply to Happy_UTM

    Hi ,

    There's no option or a way for a user to set the MTU on the RED device itself. The MTU option on the firewall is for the virtual RED interface. 

    Thanks,

Reply Children
  • Many thanks Harsh,

    So if I am setting the mtu on the Firewall for the Virtual Red interface is this setting the mtu for both sides of the virtual "link" ?

    ie. If for example I changed the mtu to 1300,  is this mtu changed for both sides ? ie. the Red device side of the tunnel and the Utm side of the tunnel ?

    There's no option or a way for a user to set the MTU on the RED device itself

    If there is no option then it would be interesting to know or even for Sophos to document how the Red treats for example "oversized" packets on its ingress interfaces from the local devices connected to the RED.

  • Harsh, I know how to do what he asks with IPsec tunnels, but not with RED tunnels.

    Haigh Happy - I'm not convinced that MSS/MTU is the problem - have you tried disabling compression?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA