Re: [m0n0wall] TCP timeout over IPSEC Tunnel

From:	Manuel Kasper <mk at neon1 dot net>
To:	Bertrand Fournier <bertrand at troispetitspoints dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] TCP timeout over IPSEC Tunnel
Date:	Sun, 16 Oct 2005 21:53:29 +0200

On 16.10.05 21:40 +0200, Bertrand Fournier wrote:

> I have a tunnel with another appliance, Clavister, but when I try to
> connect to a remote computer it makes error.
>  
> I can ping remote computer but I'm unable to connect via RDP or any
> program connection through the tunnel.
>  
> It's working in version 1.11 with the same config but it's not
> working in 1.2.

Somebody else has reported this to me as well - apparently in their
case it was ipfilter that intermittently blocked some fragments, so
check the firewall log for blocked ESP fragments. I myself haven't
been able to reproduce the problem with m0n0wall <-> m0n0wall tunnels
so far...

- Manuel