|
||||||||
Hello, I updated one of my remote m0n0walls with the 'keep-frags' image today using the built-in GUI updater and it went OK. You will get a warning saying the image isn't signed but it will still install. The 'keep-frags' version doesn't make any changes to your config so there should be no issue with downgrading or future upgrades. It would still make a backup just in case though (as with any change of firmware). Regards, Kris. ----- Original Message ----- From: "Jeff Buehler" <jeff at buehlertech dot com> To: "Kristian Shaw" <monowall at wealdclose dot co dot uk> Cc: <m0n0wall at lists dot m0n0 dot ch> Sent: Thursday, February 09, 2006 6:30 PM Subject: Re: [m0n0wall] outlook -> exchange problem > Hi Kris - > > OK - now I can see the problem. I can't ping successfully at 2048 - the > packets time out. Setting Allow Fragmented Packets over AH (or I assume > ESP) does not help. > > So, the only solution is to use your modified image? If so, can I install > that remotely using the Firmware->Upload mechanism? > > Thanks, > Jeff > > > Kristian Shaw wrote: > >> Hello, >> >> Just to answer another part of your email: >> >>> I ran ping tests from the client system to the Exchange system (ping >>> the.server.com -f -l 1472) the result of these was no fragmentation up >>> to 1472. I also ran Network Monitor on the Exchange Server, which was >>> inconclusive, but admitting my ignorance: is there a way to detect >>> fragmented packets using Network Monitor? There was nothing obvious in >>> the traces that I ran. >> >> >> You should also be able to ping larger packets than 1472/1500 too, >> because although they are larger than the ethernet MTU Exchange and >> Outlook will still send them (RPC). >> >> ping -l 2048 host_name should work too (and not get silently >> dropped). >> >> Regards, >> >> Kris. >> >> > > |