Undecrypted packets are dropped due to MTU size exceeded
18321
Created On 01/26/22 00:39 AM - Last Modified 08/09/22 02:35 AM
Symptom
When trying to access some websites, the browser displays an error (the screenshot from the original article is not reproduced here).
When reviewing the counters with "show counter global", a drop counter for packets that exceeded the MTU is incrementing:
Global counters:
Elapsed time since last sampling: 13.256 seconds

name                          value   rate  severity  category  aspect    description
----------------------------------------------------------------------------------
pkt_sent                          3      0  info      packet    pktproc   Packets transmitted
flow_fwd_ip_df_drop               1      0  drop      flow      forward   Packets dropped: exceeded MTU but DF bit present   <=======
flow_ip_cksm_sw_validation        5      0  info      flow      pktproc   Packets for which IP checksum validation was done in software
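The counter table above can be checked automatically rather than read by eye. The following is an added example (not part of the original article and not a Palo Alto tool) that parses the text of "show counter global" and pulls out the counters with severity "drop" and a non-zero value, such as flow_fwd_ip_df_drop. The sample output embedded below is constructed to match the excerpt in this article; the column layout (name, value, rate, severity, category, aspect, description) is taken from that excerpt.

```python
from typing import Dict, List

# Constructed sample of "show counter global" output, modelled on the excerpt
# in this article. Values are illustrative, not captured from a live device.
SAMPLE_OUTPUT = """\
Global counters:
Elapsed time since last sampling: 13.256 seconds

name                          value   rate  severity  category  aspect    description
----------------------------------------------------------------------------------
pkt_sent                          3      0  info      packet    pktproc   Packets transmitted
flow_fwd_ip_df_drop               1      0  drop      flow      forward   Packets dropped: exceeded MTU but DF bit present
flow_ip_cksm_sw_validation        5      0  info      flow      pktproc   Packets for which IP checksum validation was done in software
"""

# Column order as shown in the header line of the counter table.
COLUMNS = ("name", "value", "rate", "severity", "category", "aspect", "description")


def parse_counters(text: str) -> List[Dict[str, object]]:
    """Parse the counter rows of 'show counter global' into a list of dicts.

    The first six fields are single tokens; the description is free text that
    may contain spaces, so each line is split at most six times. Lines whose
    second field is not a number (banner, header, separator, blank) are skipped.
    """
    rows: List[Dict[str, object]] = []
    for line in text.splitlines():
        parts = line.split(maxsplit=6)
        if len(parts) < 6 or not parts[1].isdigit():
            continue
        row: Dict[str, object] = dict(zip(COLUMNS, parts))
        row.setdefault("description", "")
        row["value"] = int(parts[1])
        row["rate"] = int(parts[2]) if parts[2].isdigit() else parts[2]
        rows.append(row)
    return rows


def drop_counters(rows: List[Dict[str, object]]) -> List[Dict[str, object]]:
    """Return only counters with severity 'drop' that have actually incremented."""
    return [r for r in rows if r["severity"] == "drop" and int(r["value"]) > 0]


def df_drop_count(rows: List[Dict[str, object]]) -> int:
    """Value of flow_fwd_ip_df_drop (packets dropped: exceeded MTU with DF set), or 0."""
    for r in rows:
        if r["name"] == "flow_fwd_ip_df_drop":
            return int(r["value"])
    return 0


if __name__ == "__main__":
    parsed = parse_counters(SAMPLE_OUTPUT)
    for r in drop_counters(parsed):
        print(f"{r['name']}: {r['value']} ({r['description']})")
    print("DF drops:", df_drop_count(parsed))
```

Feeding real output to parse_counters (for example, the saved text of the command run before and after reproducing the website error) lets you confirm that flow_fwd_ip_df_drop is the counter that moves, which is the evidence this article relies on before changing the MSS.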
The DF (don't fragment) flag set to 1 can also be confirmed in the IP header of a packet capture (the capture screenshot from the original article is not reproduced here).
Environment
- Palo Alto VM-100 Firewall
- PAN-OS 10.0
- TCP/UDP traffic
Resolution
- One solution that can be tried in this scenario is adjusting the TCP Maximum Segment Size (MSS).
- Adjusting the MSS ensures that longer headers do not produce a packet length that exceeds the allowed MTU. When the DF bit is set and the MTU is exceeded, the firewall cannot fragment the packet, so the oversized packets are dropped.
Adjusting MSS:
- GUI: Network > Interfaces > select the Ethernet, VLAN, or Loopback interface
- Select Advanced > Other Info
- Select Adjust TCP MSS and enter a value for one or both of the following:
  - IPv4 MSS Adjustment Size
  - IPv6 MSS Adjustment Size
- Click OK and Commit the changes
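To choose the adjustment value, it helps to see the arithmetic the resolution relies on. The following is an added example (not part of the original article and not a Palo Alto tool) that models the MSS adjustment as "MSS = interface MTU minus adjustment size", computes the on-the-wire packet length for a full-size segment, and applies the same condition the flow_fwd_ip_df_drop counter describes (packet longer than MTU with DF set). The default adjustment sizes of 40 bytes for IPv4 and 60 bytes for IPv6 are assumptions taken from the IPv4/IPv6 header plus TCP header sizes; verify them against your PAN-OS version. The "extra header" bytes in the worked scenario are a constructed value standing in for the longer headers the article mentions.

```python
from typing import Optional

IPV4_HEADER = 20   # bytes, no options
IPV6_HEADER = 40   # bytes, fixed header
TCP_HEADER = 20    # bytes, no options

# Assumed defaults for the "MSS Adjustment Size" fields (IP header + TCP header).
# Not taken from this article; check the PAN-OS documentation for your version.
DEFAULT_ADJUSTMENT = {4: IPV4_HEADER + TCP_HEADER, 6: IPV6_HEADER + TCP_HEADER}


def ip_header_len(ip_version: int) -> int:
    """Base IP header length for the given IP version."""
    if ip_version not in (4, 6):
        raise ValueError("ip_version must be 4 or 6")
    return IPV4_HEADER if ip_version == 4 else IPV6_HEADER


def clamped_mss(mtu: int, ip_version: int, adjustment: Optional[int] = None) -> int:
    """MSS advertised after 'Adjust TCP MSS': interface MTU minus the adjustment size."""
    adjust = DEFAULT_ADJUSTMENT[ip_version] if adjustment is None else adjustment
    if adjust >= mtu:
        raise ValueError("adjustment must be smaller than the MTU")
    return mtu - adjust


def packet_length(mss: int, ip_version: int, extra_header_bytes: int = 0) -> int:
    """On-the-wire IP packet length of a full-size TCP segment.

    extra_header_bytes models any additional header bytes added on the path
    (the 'longer headers' the article refers to); 0 means plain IP + TCP.
    """
    return mss + TCP_HEADER + ip_header_len(ip_version) + extra_header_bytes


def would_df_drop(packet_len: int, mtu: int, df_set: bool = True) -> bool:
    """Same condition as flow_fwd_ip_df_drop: too large for the MTU and DF set."""
    return df_set and packet_len > mtu


def required_adjustment(ip_version: int, extra_header_bytes: int = 0) -> int:
    """Smallest adjustment size so a full segment plus all headers fits the MTU."""
    return ip_header_len(ip_version) + TCP_HEADER + extra_header_bytes


def scenario(mtu: int, ip_version: int, extra_header_bytes: int,
             adjustment: Optional[int] = None) -> dict:
    """Evaluate one configuration: the MSS used, the resulting packet size, and
    whether a DF-marked full-size packet would be dropped."""
    mss = clamped_mss(mtu, ip_version, adjustment)
    length = packet_length(mss, ip_version, extra_header_bytes)
    return {"mss": mss, "packet_len": length, "dropped": would_df_drop(length, mtu)}


if __name__ == "__main__":
    # Constructed scenario: 1500-byte MTU, IPv4, 24 extra header bytes on the path.
    before = scenario(1500, 4, extra_header_bytes=24)            # default adjustment
    after = scenario(1500, 4, 24, adjustment=required_adjustment(4, 24))
    print("before:", before)   # MSS 1460, packet 1524 bytes, dropped
    print("after: ", after)    # MSS 1436, packet 1500 bytes, forwarded
```

The "before" case reproduces the symptom: with the default adjustment the advertised MSS fills the MTU exactly, so any extra header bytes push the packet over the limit and, because DF is set, it is dropped rather than fragmented. Raising IPv4 MSS Adjustment Size to the value returned by required_adjustment makes the full-size segment fit again.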