[Openswan Users] Problem with large packets
Martin Wickman
martin at wickman.com
Thu Sep 9 18:35:04 CEST 2004
Hello
(trying again, since my last mail got no response)
Linux Openswan U2.1.5/K2.6.8.1- (native) (native) using x.509.
I've managed to setup a so-so working ipsec tunnel between my two
networks. Both NAT'ed, local net is a dialup ADSL, remove end is static.
The major issues is related to sending and receiving _large_ packets.
Using ethereal and others found out that the problem was MTU related.
I changed the MTU on my local machine to match the NAT-router I am using
(ADSL with MTU 1454) using 'ifconfig eth0 mtu 1454'. That made it
possible to _send_ any packets without any problems. Problem is that I
can only receive packets smaller than (I think) 1325 bytes from the
office network. Trying anything larger than that results in a stalled
connection. I'm stuck.
1. Any ideas how I can fix this?
2. How is it possible that my tunnel works without having made _any_
changes to the firewall/NAT-gateway. That is, nothing ipsec-related has
been enabled in the firewall.
/Thanks alot for any hints!
More information about the Users
mailing list