[ previous ] [ next ] [ threads ]
 
 From:  Michael Stecher <Michael dot Stecher at cib dot de>
 To:  'Kristian Shaw' <monowall at wealdclose dot co dot uk>, "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  AW: [m0n0wall] Problem with IPSec VPN Tunnel - MTU-Size?
 Date:  Wed, 13 Feb 2008 10:05:12 +0100
Hello,

have many thanks for your quick response.

1. We've tried this out yesterday, but without any success.
2. We've also tried this, but lowering the WAN MTU cause that most internet sites aren't reachable.

Are there any other options?

Best regards,

Michael




Von: Kristian Shaw [mailto:monowall at wealdclose dot co dot uk]
Gesendet: Mittwoch, 13. Februar 2008 09:57
An: m0n0wall at lists dot m0n0 dot ch
Betreff: Re: [m0n0wall] Problem with IPSec VPN Tunnel - MTU-Size?

Hello,

1. Try enabling fragmented packets on the rules that allow outbound traffic from the LAN (or OP1
etc) and also tick the box in advanced options to allow fragmented packets.

2. If that doesn't work, try lowering the MTU of the WAN interface on both ends of the link.

Kris.

----- Original Message -----
From: "Michael Stecher" <Michael dot Stecher at cib dot de>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, February 13, 2008 8:51 AM
Subject: [m0n0wall] Problem with IPSec VPN Tunnel - MTU-Size?


Hello,

we've got a running IPSec tunnel betwenn two locations. Now we've got the problem that some packets
get lost. We've changed the mtu on a client PC to 1400 an anything works fine.

Now my question: Is it possible to change the mtu-site (or the mss-value) of the tunnel?

More datailed information ist described here:
http://forum.m0n0.ch/index.php/topic,1630.0.html

Have many thanks for your help.

Best regards,

Michael Stecher



---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch