[ previous ] [ next ] [ threads ]
 
 From:  Tiresias <tiresias at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] VPN only works for small files / packets
 Date:  Thu, 30 Dec 2004 01:21:29 -0500
Problem solved.
We finally got the ISP for one end of the VPN to admit that they've
had problems with IPSec and the router they provided. They traded the
buggy router for a different brand unit and the problem has completely
dissapeared.


On Fri, 17 Dec 2004 16:15:09 -0500, Tiresias <tiresias at gmail dot com> wrote:
> Hello,
> I have established my IPSec VPN between two m0n0walls (both v1.11) and
> I have a machine on the LAN on each end. I can ping between the
> machines but when I attempted to transfer data (ftp/http/etc) it
> failed. I have been using ftp for testing to narrow down the problem,
> and the ftp client seems to hang while waiting to receive the data.
> Sometimes I can get the first part of a file right away (~1KB), then
> no more; other times I got nothing at all. I end up having to abort
> the ftp transaction. I have been able to narrow this down to a
> specific file size. I can ftp a file of 2179 bytes over the VPN and
> the transfer completes instantly, but 2180 bytes fails every time.
> 
> I also tried pinging the box on the other end and established that I
> can ping with up to 1410 bytes; any more than that gets no reply.
> After this test I tried changing  the MTU settings of the WAN
> interface on both m0n0walls. I tried setting them both to
> 1410,1400,1200 and 900. Each time I changed the MTU of the WAN
> interface, I retried my ftp transfer as above. Changing the MTU of
> the WAN interface seemed to have NO effect on the size of the file
> that I could transfer. 2179b or less works; 2180b or more fails to
> transfer.
> 
> Is there any other MTU setting that can/should be changed? Any other
> config option that I need to look at? Would it help to look at my
> configs? Any help/advice I can get would be most appreciated.
> 


-- 
Eye sea dead peephole.