Packets are lost after A2A VPN is deployed on the AR

After A2A VPN is deployed, if the size of A2A VPN packets exceeds the interface MTU and the DF flag is not set to 0, the A2A VPN packets are discarded, causing packet loss. In this case, run the ipsec df-bit clear command to allow A2A VPN packets to be fragmented.

Scroll to top