[ previous ] [ next ] [ threads ]
 From:  George Bourozikas <george at bourozikas dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Ping Size Windows GPO
 Date:  Fri, 1 Jul 2005 13:30:31 -0400
On Friday 01 July 2005 12:29, edward mzj wrote:
> try to allow fragmented icmp echo-request and echo reply packets. i'm not
> sure
> On 7/2/05, Mat Murdock <mmurdock underscore lists at kimballequipment dot com> wrote:
> > I was wondering if there was a way to increase the allowed ping size
> > over a m0n0 to m0n0 ipsec vpn. The reason is as follows:
> >
> >    When running a M$ based network with a central location and numerous
> >    satellite locations, you may encounter a rather nasty problem.

No this does not work.  The only way I have found to get IPsec VPN's to work 
with m0n0 is by decreasing the MTU until there are no fragmented packets, at 
least in the next hop (in my case ADSL).