[Openswan Users] Openswan, ADSL and slow connections
Andrej Trobentar
andrej.trobentar at rikom.si
Mon Nov 14 09:55:54 CET 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Paul Wouters wrote:
>
> Remember overridemtu only works with klips, not netkey. I am not sure if
> you are using klips.
>
> A few things to try:
> - lover mtu on both sides using overridemtu= if using klips
> - use TCP clamping (see archive or wiki)
> - reduce the LAN ethernet mtu's on both ends to about 1400
>
> Paul
My interfaces are like this :
client -- (eth5)fw1(eth0) --<internet>-- (ppp0-eth0)fw2(eth1) -- camera
I have tried to set eth5, eth0, eth0 and eth1 on mtu 1400 and also put
overridemtu=1400 to ipsec.conf on fw1 and fw2, but that doesn't solve
the problem :( I also left the mtu on interfaces on default values and
only put overridemtu=1400 in ipsec.conf on fw1 and fw2, but the problem
still remains...
And yes, I'm using klips :
[root at rikom root]# ipsec --version
Linux Openswan 2.4.2dr5 (klips)
See `ipsec --copyright' for copyright information.
X.509-1.4.8 distributed by Andreas Steffen <andreas.steffen at strongsec.com>
[root at rikom root]#
Paul wrote that I should use TCP clamping, but I don't know how exactly.
Has anyone used that and can help me with an example for my situation?
- --
Thanks in advice and have a nice day,
Andrej.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFDeFEZVd/NU2yFfAoRAvJqAKDPQ1SCWwLXtDJWvfBopIM5q7yVGQCdE7kU
OOZ5M23mQIULS3OTll3e0VI=
=/qp+
-----END PGP SIGNATURE-----
More information about the Users
mailing list