I have a point-to-point IPsec VPN between a SonicWall and a m0n0wall,
and am having problems with workstations that are joined to the domain
over the VPN.
I found this: force Kerberos to use TCP instead of UDP in Windows
Server 2003 http://support.microsoft.com/default.aspx?scid=kb;en-us;244474
which helps with the login process, but other things are still giving
me problems, like processing the GPO, which still fails.
I have experimented with ping sizes, and the largest ping that can get
through is 1408. If I do ping -l 1409 192.168.2.2, it will fail.
However, the problem only seems to be in the direction of m0n0wall to
SonicWall. If I do a large ping the other way around (SonicWall to
m0n0wall), it will get through.
I think this is an MTU issue, but am not sure how to solve it. I was
hoping that someone else has already run into this, and has a