08-03-2010 12:23 AM
I have a SSG20 in our office network .The internet is also access by the device SSG20.
But while trying to access the particular website(www.iss-nepal.com) ,it fails.
What may be the reason behind this?
08-03-2010 08:41 AM
The typical reason for this is the MTU on the path is smaller than what the website expects. If you set path-mtu, this should fix the problem:
SSG20> set flow path-mtu
However, if the remote admin has blocked or otherwise disabled ICMP, this will not correct the problem.
08-04-2010 12:42 AM
You can also try to configure a custom service with TCP-80, add a separate policy for this destination and select Application "Ignore" in the policy.
08-07-2010 10:23 PM
Thank for the reply. I also tried by creating a separate policy with the customize service and Application "Ignore".But it still not working .
Any other suggestion please?
08-09-2010 12:47 AM
This seems to be a fragmentation issue. PMTU option does not always solve the problem. If a router on the distance does not correctly handle fragmentation and there are additional overheads in the packet size due to specific transport media (PPPoE, sattelite, GPRS etc), many packets may be dropped. Try to tune tcp-mss as described in KB6346.