I've run into this issue as well. The only solution was to change it on
the server being accessed or whatever client PCs that were "acting" like
a server that other machines would connect to (whether for file sharing
or whatever). The problem that I had though was not the IPSec Tunnel,
but the actually ISP was having problems with the MTU setting between
two different ISP (in that case, it was Comcast to AT&T). The m0n0wall
machines I setup, one machine was behaving like a hub for more others
across the Internet. One site, which never had any problems nor
modifications for the MTU, had it's ISP changed out to Comcast and
that's when all the trouble started. I tried everything on both ends
(MTU settings, fragmented packets, etc) and nothing worked. The ISP
changed prevented the client computers from connecting to a server back
at home base. Finally, I changed the MTU of the server to 1400 and
everything worked. Why it was this specific ISP to ISP connection that
didn't work with a standard MTU of 1500 I have no idea.
Michael Stecher wrote:
> have many thanks for your quick response.
> 1. We've tried this out yesterday, but without any success.
> 2. We've also tried this, but lowering the WAN MTU cause that most internet sites aren't
> Are there any other options?
> Best regards,