Wireless Access

Regular Contributor I

Aruba Controller IPSEC tunnel MTU setting

Question.  I have Aruba VPN controllers 70xx models AOS  I have a cyrpto tunnel between two controllers.  I read that the default tunnel mtu is 1500 and if I want to change it I have to do a gloabl command "crypto ipsec mtu xxxx".  I made a change like this for MTU 1024 for a test and a "show crypto ipsec mtu" shows the new value.


What I want to know is if there is a command that I can see the MTU is set on the actual tunnel between the two controllers?  Like a sh crypto ipsec sa perr x.x.x.x.  Any MTU settings in these types of commands?  I have not been able to locate one.

Regular Contributor I

Re: Aruba Controller IPSEC tunnel MTU setting

Think I figured this out.


Global command "crypto ipsec mtu <value>" will change the MTU of the tunnel.  And you can see the MTU on the tunnel with the command "show datapath tunnel" before and after.  You have to clear ipsec sa peer <ip> to get it to take.

Search Airheads
Showing results for 
Search instead for 
Did you mean: