[ previous ] [ next ] [ threads ]
 
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  "C. Andrew Zook" <andrewzook at pdqlocks dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPSEC - Fragmented packet / MTU problem
 Date:  Fri, 26 May 2006 22:57:51 +0100
Hello,

Make sure that you have also ticked to allow fragmented packets on any 
outbound firewall rules too.

Apart from that, do non-ipsec packets pass OK?

Kris.

----- Original Message ----- 
From: "C. Andrew Zook" <andrewzook at pdqlocks dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Friday, May 26, 2006 1:50 PM
Subject: [m0n0wall] IPSEC - Fragmented packet / MTU problem


> Hi all,
>
> I have been trying to track down an Email problem between two locations,
> and I have found what I believe to be a problem with MTU/fragmented 
> packets.
>
> I have had my tunnel up and working for quite a while. Things were
> perfect! Suddenly, it seems like it is not fragmenting packets over the
> tunnel any more. I am not sure if it is a change that I made and forgot
> about - or what could have caused it.
>
> If I use the commend "ping 192.168.2.254 -s 1472" to ping across the
> tunnel, it works fine.  "ping 192.168.2.254 -s 1473" or larger does not.
>
> I have the "allow fragmented packets over ipsec" checked in the advanced
> tab on both m0n0walls.
>
> Any other ideas?
>
> Thanks,
> Andy
>
>


--------------------------------------------------------------------------------


> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch