I'm guessing that noone else has gotten IPSEC working when
using a PPPoE connection.
I can bring up the SA's between two m0n0wall routers simply
by sending a few pings from one private subnet to the other.
However, it seems that practical network traffic, like
Windows Networking for non-small directories, Windows
Terminal Services, or even web-browsing to an Intranet
web server will not work. I am guessing that they are using
Since m0n0wall uses the FAST_IPSEC, I can't try to reduce
the MTU on the ipsec interface (or I don't know how). I
have tried reducing the MTU of the LAN interfaces (by
running "ifconfig sis0 mtu 1300" from /exec.php) but that
didn't solve the problem. I'm not even sure if this would
have fixed it since I'm don't understand this MTU/MSS
behaviour well. Perhaps the BSD TCP/IP stack reassembled
the fragments before putting it through IPSEC.
As a workaround, will forcing all the end-user PC's to use
a lower MTU work? There is apparently a Windows 2000 registry
entry that can force maximum MTU sizes. If anyone has any
insight, it would be much appreciated!