> "Michael Brown" <knightmb at knightmb dot dyndns dot org> wrote in message
> news:47B31F76 dot 1060105 at knightmb dot dyndns dot org...
>> or whatever). The problem that I had though was not the IPSec Tunnel, but
>> the actually ISP was having problems with the MTU setting between two
>> different ISP (in that case, it was Comcast to AT&T). The m0n0wall
>> machines I setup, one machine was behaving like a hub for more others
>> across the Internet. One site, which never had any problems nor
> I disagree that the root cause is related with ISP configuration.
> My statement is that is bug (or undocumented feature) of m0n0wall of
Actually blame Windows... What is happening is that NAT takes a little
of the packet, and VPN takes a little of the packet. (PPPoE will as
well) A TCP/IP stack is "supposed" to look for this, but Windows
doesn't. I set Windows servers to a MTU of 1400 just to avoid this.