[ previous ] [ next ] [ threads ]
 
 From:  "Martin Holst" <mail at martinh dot dk>
 To:  "'Falcor'" <falcor at netassassin dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  PPTP MTU problem!
 Date:  Thu, 22 Jan 2004 13:32:22 +0100
Probably a simple question, but I haven't been able to find anything in the
PPTP-guide or on the lists.

m0n0wall has two inside NICs: LAN for server/wired clients and DMZ for
wireless.
For security reasons access from DMZ to LAN is restricted to PPTP - this is
working flawlessly.

WAN access through the PPTP is a another issue however :o(
The routing is fine - the problem is MTU related.
WAN is routed Ethernet with MTU 1500 - but PPTP is PPP with MTU 1396.

I have set m0n0wall to log anything coming through PPTP-interface, and I can
see that 1400byte-packets are coming in on the PPTP-interface from the web
servers I try to access.
m0n0wall sends an "icmp unreach/needfrag" back - to no avail.

Does anyone know a way around this?
...IPSec is probably better, but PPTP was SO easy to setup on win2003 ;o)

/Martin