I have established my IPSec VPN between two m0n0walls (both v1.11) and
I have a machine on the LAN on each end. I can ping between the
machines but when I attempted to transfer data (ftp/http/etc) it
failed. I have been using ftp for testing to narrow down the problem,
and the ftp client seems to hang while waiting to receive the data.
Sometimes I can get the first part of a file right away (~1KB), then
no more; other times I got nothing at all. I end up having to abort
the ftp transaction. I have been able to narrow this down to a
specific file size. I can ftp a file of 2179 bytes over the VPN and
the transfer completes instantly, but 2180 bytes fails every time.
I also tried pinging the box on the other end and established that I
can ping with up to 1410 bytes; any more than that gets no reply.
After this test I tried changing the MTU settings of the WAN
interface on both m0n0walls. I tried setting them both to
1410,1400,1200 and 900. Each time I changed the MTU of the WAN
interface, I retried my ftp transfer as above. Changing the MTU of
the WAN interface seemed to have NO effect on the size of the file
that I could transfer. 2179b or less works; 2180b or more fails to
Is there any other MTU setting that can/should be changed? Any other
config option that I need to look at? Would it help to look at my
configs? Any help/advice I can get would be most appreciated.