[c-nsp] 7206 pppoe concentrator and vpn issues

[Alain Cocconi]

Hello,

I'm terminating 2000 pppoe connexions using a 7206 NPE-G1, all is ok except 
some customers who have problems with vpn and games like World of 
Wordcraft. It seems that Checkpoint's vpn only have problems (I'm not sure 
about this). Checkpoint says it is like a mtu/mss problem, but I've check 
all and I can not see any issue in my config, if someone has idea about 
this , thanks.
Here is my 7206 configs :

#sh ver
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-IS-M), Version 12.3(13), RELEASE SOFTWARE (fc2)
(c7200-is-mz.123-13.bin)

#sh run
...
vpdn enable
vpdn authen-before-forward
vpdn ip udp ignore checksum
!
vpdn-group 1
  accept-dialin
   protocol pppoe
   virtual-template 1
  pppoe limit per-mac 99
  pppoe limit per-vc 99
  lcp renegotiation on-mismatch
  ip pmtu
!
interface GigabitEthernet0/1
  ip address XXX.XXX.XXX.XXX 255.255.255.128
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip accounting access-violations
  ip load-sharing per-packet
  ip route-cache policy
  ip route-cache flow
  ip tcp adjust-mss 1452
  ip ospf message-digest-key 1 {password]
  no ip mroute-cache
  duplex auto
  speed auto
  media-type rj45
  no negotiation auto
  snmp ifindex persist
  no cdp enable
!
interface Virtual-Template1
  mtu 1492
  ip unnumbered Loopback0
  ip verify unicast reverse-path
  no ip redirects
  no ip unreachables
  timeout absolute 720 0
  autodetect encapsulation ppp
  no snmp ifindex persist
  peer default ip address pool pool-adsl
  ppp authentication chap pap ms-chap
!
...