[Openswan Users] strange problems with mtu and openswan

Robert Ewald robewald at gmx.net
Wed Jan 12 21:09:12 CET 2005


[please CC me]

I have a very interesting problem here. I have basic setup as follows:
I have a laptop and a desktop pc. 

when I try to connect to the left.openswan.gw from the desktop i get:

002 "roadwarrior" #7: initiating Main Mode
104 "roadwarrior" #7: STATE_MAIN_I1: initiate
003 "roadwarrior" #7: received Vendor ID payload 
002 "roadwarrior" #7: enabling possible NAT-traversal with method RFC XXXX 
002 "roadwarrior" #7: transition from state STATE_MAIN_I1 to state 
106 "roadwarrior" #7: STATE_MAIN_I2: sent MI2, expecting MR2
003 "roadwarrior" #7: NAT-Traversal: Result using 
draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
002 "roadwarrior" #7: I am sending my cert
002 "roadwarrior" #7: I am sending a certificate request
002 "roadwarrior" #7: transition from state STATE_MAIN_I2 to state 
108 "roadwarrior" #7: STATE_MAIN_I3: sent MI3, expecting MR3
003 "roadwarrior" #7: discarding duplicate packet; already STATE_MAIN_I3
010 "roadwarrior" #7: STATE_MAIN_I3: retransmission; will wait 20s for 

when I try from the laptop everthing works fine.

The problem seems to be an MTU related one, but i just dont get it. There is 
no firewall configuration on any computer.

ping -s 1472 left.openswan.gw 

results in total packet loss from both computers.

can anybody explain on this list explain this behaviour.

Thank you very much for your time.

[please CC me]

Robert Ewald

More information about the Users mailing list