I have a VPN going from a remote firewall to an opt interface on
m0n0wall and am currently experiencing problems with packets that need to
be fragmented. I can see from windump on the desktop that a packet is
being sent from the desktop on the m0n0wall opt1 subnet that would need
to be fragmented but the desktop just keeps retransmitting it (Remote
Desktop protocol). Does the new ipsec stuff with the ipsec interface
only apply for tunnels that use the LAN as the subnets?

I also read the changelog where it mentions the firewall rules page for
the ipsec interface can be used to control access through the VPNs. I
enabled logging on that default rule (and enabled fragmentation on it) but
none of my vpn traffic is being logged by that rule. I have to use a
rule on the opt interface to get traffic to pass. Could this be why the
MTU issues are still around for me (because the ipsec interface is only
for the lan interface?).

Also if anyone knows where to get an image of b10 with tcpdump or a
static build of tcpdump that I could upload with exec.php it would be
appreciated. Trying to troubleshoot without tcpdump is not fun.