[Openswan Users] L2TP/PPP authentication ---> MTU problems
Tomasz Grzelak
tgrzelak at wktpolska.com.pl
Wed Apr 27 16:21:55 CEST 2005
Jacco de Leeuw wrote:
>
>> Sorry for interrupting the topic but I think it's right time to ask,
>> how do you handle issues with MTU when using plain IPSec?
>
>
> Sorry, you're asking the wrong guy. I have not had MTU problems
> (fortunately) so I can't really help.
so you are the lucky one :)
>
> How about using 'ifconfig eth0 mtu 1400' or some other value?
that's not an option; there is a lot of other traffic on the IPSec link
I just want to know how it should be solved best - establish
PPP/L2TP/IPSec connections like xp clients do, or would be enough to let
icmp [3,4] packets go through, so Path-MTU would be used, or... what else?
I used the MSS target in the iptables script, and it worked, but I think
it isn't the right way, bacause it does not solve all problems, just TCP
sessions.
So, who else had the problem, and would like to share the knowledge of
solving it?
Tomasz Grzelak
More information about the Users
mailing list