[Openswan Users] TCP connections stalling

Paul Wouters paul at xelerance.com
Fri Dec 16 16:18:21 CET 2005

On Fri, 16 Dec 2005, Andy Coates wrote:

> Basically the problem we're seeing is in our IPSEC/L2TP setup.  The IPSEC
> connection is brought up fine (tunnel), and L2TPd acting as a client
> connects to the remote gateway over the IPSEC tunnel fine.  ppp0 comes up
> and we're given an IP address, everything looks fine (each end pingable).
> This is all following the guide at
> http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
> What happens though is during a telnet session to a device on the remote
> network the connection seems to "stall", and then the tcp connection is

That sounds like a packet size or mtu isue. Try setting the physical interface
of your ipsec server (eg ethX) an mtu of 1400, and set the mtu/mtu size in
/etc/ppp/options.l2tpd to 1200.

What you are doing with this is cutting the overhead of various pppoe and
encapsolution overhead and avoid fragmentation.


More information about the Users mailing list