"Lee Sharp" <leesharp at hal dash pc dot org> wrote in message
news:47B352BC dot 6000005 at hal dash pc dot org...
> Actually blame Windows... What is happening is that NAT takes a little of
> the packet, and VPN takes a little of the packet. (PPPoE will as well) A
> TCP/IP stack is "supposed" to look for this, but Windows doesn't. I set
> Windows servers to a MTU of 1400 just to avoid this.
I also tested it with Debian etch 2.6.18-5-686 on both ends.
Result is exactly the same.
Here are 2 examples that does not work (m0n0wall (firewall) starts blocking
- open ssh session and start "top"
- execute scp /bin/tar <remote-ip>:.
I do agree that if I set MTU of servers (Win, Lnx, others) to lower value
then it works
but I think this is not expected behaviour of IPSec (NAT-T) tunnels /