[ previous ] [ next ] [ threads ]
 
 From:  "mono-freshman" <mono at gmitec dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  IPSec established but telnet/ssh always fail at the same screen position
 Date:  Mon, 31 Jul 2006 18:13:11 +0800
Dear all,

Actually Chris in here has helped me before and gave me a workaround. But I want a fix on gateway
side.

My case is if I create an IPSec VPN using m0n0wall (either or both side has m0n0wall), then if I
telnet from one side to the text based ERP server on the other side, it will always hang at the
exact same location. From Chris, it is the problem of m0n0wall that can't control the client side
MTU. The MTU from the client side is too high so break the telnet connectivity without any notice.
But the VPN (or all other traffic within) is still good when that happen. Chris suggested me to
manual limit the MTU to 1400 in registry. It works. But as I have many many ERP users on our side, I
can't possibly do that manual setting one by one. Also, after the MTU limit, users feedbacked that
their network speed is much slower than before. 

I found there is MTU setting in WAN port. I changed it to 1400 as I thought all VPN traffic should
go through it. But after the setting, the telnet still hang at the same place. Any place within
m0n0wall that I can do for this problem?

What a big problem I have in here (to my company). My boss wanna kill me. I need urgent help. Many
many thanks!

Best regards,
Johnny