[ previous ] [ next ] [ threads ]
 From:  "Lee Sharp" <leesharp at hal dash pc dot org>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] RE: RE : [m0n0wall] outlook -> exchange problem
 Date:  Sun, 26 Feb 2006 11:17:15 -0600
From: "Jeff Buehler" <jeff at buehlertech dot com>

> Well, it appears that the MTU on the server(s) and client platforms being 
> lowered does solve the problem I was having (annoyingly).  It also appears 
> that Blowfish (in phase 2) requires a different MTU setting (slightly 
> lower) than AES appears to as well, just for an interesting tidbit of 
> information, although this observed but not carefully verified.  I'm not 
> certain why allowing fragmented packets doesn't solve the problem, but it 
> appears that certain packets are still dropped by certain platforms on a 
> ping unless the MTU is lowered.

> I don't know if the problem is m0n0wall (Racoon) specific.

This is a common Windows problem.  I usually find it when a few Windows 
systems can not get to some websites, the most common being Microsoft and 
windowsupdate.  It appears that Windows MTU detection is broken, and does 
not work on all systems.  Search on "Windows MTU 1492" and you will see a 
lot.  The thing is you have DSL overhead, and VPN overhead.  Of course it 
would be nice if Windows MTU detection actually worked. :-)