RE: [m0n0wall] TCP timeout over IPSEC Tunnel

From:	"Bertrand Fournier" <bertrand at troispetitspoints dot com>
To:	"Manuel Kasper" <mk at neon1 dot net>
Cc:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] TCP timeout over IPSEC Tunnel
Date:	Sun, 16 Oct 2005 22:39:43 +0200

I check but I see nothing block on the IPSEC Tunnel. What is very strange, si that the connection
seems to works well.

I don't know what to do.

-----Message d'origine-----
De : Manuel Kasper [mailto:mk at neon1 dot net] 
Envoyé : dimanche, 16. octobre 2005 21:53
À : Bertrand Fournier
Cc : m0n0wall at lists dot m0n0 dot ch
Objet : Re: [m0n0wall] TCP timeout over IPSEC Tunnel

On 16.10.05 21:40 +0200, Bertrand Fournier wrote:

> I have a tunnel with another appliance, Clavister, but when I try to 
> connect to a remote computer it makes error.
>  
> I can ping remote computer but I'm unable to connect via RDP or any 
> program connection through the tunnel.
>  
> It's working in version 1.11 with the same config but it's not working 
> in 1.2.

Somebody else has reported this to me as well - apparently in their case it was ipfilter that
intermittently blocked some fragments, so check the firewall log for blocked ESP fragments. I myself
haven't been able to reproduce the problem with m0n0wall <-> m0n0wall tunnels so far...

- Manuel