[Openswan Users] strange problems with mtu and openswan
Robert Ewald
robewald at gmx.net
Wed Jan 12 21:09:12 CET 2005
Hello,
[please CC me]
I have a very interesting problem here. I have basic setup as follows:
192.168.1.0/24===left.openswan.gw---dsl.router.l....dsl.router.r---switch--roadwarrior.laptop
+-----roadwarrior.desktop
I have a laptop and a desktop pc.
when I try to connect to the left.openswan.gw from the desktop i get:
002 "roadwarrior" #7: initiating Main Mode
104 "roadwarrior" #7: STATE_MAIN_I1: initiate
003 "roadwarrior" #7: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-03]
002 "roadwarrior" #7: enabling possible NAT-traversal with method RFC XXXX
(NAT-Traversal)
002 "roadwarrior" #7: transition from state STATE_MAIN_I1 to state
STATE_MAIN_I2
106 "roadwarrior" #7: STATE_MAIN_I2: sent MI2, expecting MR2
003 "roadwarrior" #7: NAT-Traversal: Result using
draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
002 "roadwarrior" #7: I am sending my cert
002 "roadwarrior" #7: I am sending a certificate request
002 "roadwarrior" #7: transition from state STATE_MAIN_I2 to state
STATE_MAIN_I3
108 "roadwarrior" #7: STATE_MAIN_I3: sent MI3, expecting MR3
003 "roadwarrior" #7: discarding duplicate packet; already STATE_MAIN_I3
010 "roadwarrior" #7: STATE_MAIN_I3: retransmission; will wait 20s for
response
when I try from the laptop everthing works fine.
The problem seems to be an MTU related one, but i just dont get it. There is
no firewall configuration on any computer.
ping -s 1472 left.openswan.gw
results in total packet loss from both computers.
can anybody explain on this list explain this behaviour.
Thank you very much for your time.
[please CC me]
Greetings
--
Robert Ewald
More information about the Users
mailing list