[ previous ] [ next ] [ threads ]
 From:  George Bourozikas <george at bourozikas dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPsec will not forward fragmented packets / MTU issue
 Date:  Mon, 28 Mar 2005 17:03:29 -0500
On Sunday 27 March 2005 16:48, you wrote:
> > 3)  Longer packets get dropped.  I have confirmed this with tcpdump. 
> > When I change the client MTU to 1400 everything works fine, but I need a
> > more systemic solution because I will not have access to all potential
> > clients.
> Did you try to set the WAN interface MTU to 1400 on both tunnel ends?
> I'm not sure it even does something for IPsec, but I would try. Who
> knows...?
> -- Vincent

I did, but it had no effect.  In fact I tried various values down to ~600 but 
it had no effect whatsoever.  I agree that it should not affect IPsec.