Hi all,

I have some problems with VLANs and Monowall. Here is my configuration:

Monowall with 3 LAN interfaces using 1.2b8
- Public
- Customers
- Backup server

All interfaces are connected to a Cisco switch. All customers have to be on different subnets and don't have to see each other. I use 802.1Q on the customers interface. IP configuration is /27 for all VLAN interfaces. All servers are Win2K3. Customers have to connect using PPTP (@home) and IPsec (@work).

Config of the trunk:

    sh run interface fastEthernet 0/47
    Building configuration...
    Current configuration:
    !
    interface FastEthernet0/47
     description Customers 802.1Q Trunk
     switchport trunk encapsulation dot1q
     switchport mode trunk
     spanning-tree portfast
    end

    sh int status | i Fa0/47
    Fa0/47 Customers 802.1Q T connected trunk A-Full A-100 100BaseTX/FX

For the test, all rules are "accept" between all interfaces. I have 2 W2K3 servers on 2 different interfaces. Both servers are able to ping each other. But when I try to use RDP from one interface to another, it doesn't work, even if I use "Allow fragmented packets". I also tried with PPTP.

I finally sorted it out using an MTU of 1468 on the Win2K3 server. I thought that it was the end, but inside the IPsec tunnel I was unable to use RDP. I changed the MTU from 1468 to 1400 and it seems to work this way.

The problem seems to be located only on the Giga Intel card. I tried with a Via Ethernet card and had no problem...

FYI, I also tested this configuration without VLANs and with only physical interfaces with the default MTU value, and all is OK.

How can I be sure that the 1400 value for the MTU will be the good one?

Thanks.

--
Raphaël Maunier