[Openswan Users] TCP connections stalling
Andy Coates
andy at corenetwork.co.uk
Fri Dec 16 15:49:14 CET 2005
Paul Wouters wrote:
> On Fri, 16 Dec 2005, Andy Coates wrote:
>
>> Basically the problem we're seeing is in our IPSEC/L2TP setup. The
>> IPSEC connection is brought up fine (tunnel), and L2TPd acting as a
>> client connects to the remote gateway over the IPSEC tunnel fine.
>> ppp0 comes up and we're given an IP address, everything
> looks fine (each end pingable).
>> This is all following the guide at
>> http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
>>
>> What happens though is during a telnet session to a device on the
>> remote network the connection seems to "stall", and then the tcp
>> connection is
>
> That sounds like a packet size or mtu isue. Try setting the
> physical interface of your ipsec server (eg ethX) an mtu of
> 1400, and set the mtu/mtu size in /etc/ppp/options.l2tpd to 1200.
>
> What you are doing with this is cutting the overhead of
> various pppoe and encapsolution overhead and avoid fragmentation.
We've just tried this on both sides and its still having the same problem.
I did read about MTU problems on various threads, but in those cases they
saw a lot of fragmentation which we don't seem to be seeing.
Tried debugging as much as possible via tcpdump on my end, nothing odd at
all. No errors in any of the system logs either.
Cheers,
Andy.
More information about the Users
mailing list