[ previous ] [ next ] [ threads ]
 
 From:  "Kris Shaw" <monowall at wealdclose dot co dot uk>
 To:  "Mat Murdock" <mmurdock underscore lists at kimballequipment dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPsec 1.22 question
 Date:  Mon, 3 Apr 2006 13:56:53 +0100
Hello,

This options lets decypted IPSEC packets that are larger than 1500 to be 
passed.

You need to allow fragments on any firewall rules relating to packets that 
would be IPSEC encypted.

Kris.

----- Original Message ----- 
From: "Mat Murdock" <mmurdock underscore lists at kimballequipment dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Monday, April 03, 2006 5:45 AM
Subject: [m0n0wall] IPsec 1.22 question


>I noticed in this in the 1.22 build.
> -added option to System: Advanced page to allow IPsec/ESP-encrypted IP 
> fragments to be passed (mkasper)
>
> Does this allow a computer to send packets that are larger the 1500?  If 
> so what else do you have to do to make it work if anything.
>
> Thanks,
>
> Mat Murdock
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>