[Openswan Users] Problem with large packets

Martin Wickman martin at wickman.com
Thu Sep 9 18:35:04 CEST 2004


(trying again, since my last mail got no response)

Linux Openswan U2.1.5/K2.6.8.1- (native) (native) using x.509.

I've managed to setup a so-so working ipsec tunnel between my two
networks. Both NAT'ed, local net is a dialup ADSL, remove end is static.

The major issues is related to sending and receiving _large_ packets.
Using ethereal and others found out that the problem was MTU related.

I changed the MTU on my local machine to match the NAT-router I am using
(ADSL with MTU 1454) using 'ifconfig eth0 mtu 1454'. That made it
possible to _send_ any packets without any problems. Problem is that I
can only receive packets smaller than (I think) 1325 bytes from the
office network. Trying anything larger than that results in a stalled
connection. I'm stuck.

1. Any ideas how I can fix this?

2. How is it possible that my tunnel works without having made _any_
changes to the firewall/NAT-gateway. That is, nothing ipsec-related has
been enabled in the firewall.

/Thanks alot for any hints!

More information about the Users mailing list