[Openswan Users] RDP connection slow

openswan openswan at obs.bg
Wed Feb 1 10:46:42 CET 2006 

Hi,

I'm not sure what is the problem but I recommend you to disable all "Tx
offload" (sometimes called "Hardware Checksum") of ethernet cards on all
of your WORKSTATIONS. To do this in WINDOWS go to "Device Manager" and
click on the appropriete ethernet card. In linux use "modinfo" to check
the options of the module and then "modprobe". Note: some ethernet cards
does not support this option.


Gary W. Smith wrote:

>Trying setting the MTU on your ADSL interface to 1400 in the ifcfg-ethx file.
>
>MTU=1400
>
>We had a similar problem when two IPSEC networks, hooked together via ADSL (on each end), had odd MTU's.
>
>Gary Wayne Smith
>
>  
>
>>-----Original Message-----
>>From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
>>Behalf Of Andreas Lüdtke
>>Sent: Tuesday, January 31, 2006 5:32 AM
>>To: users at openswan.org
>>Subject: [Openswan Users] RDP connection slow
>>
>>Hi group,
>>
>>I've a working ipsec tunnel between two lan and RDP (Windows Terminal
>>Server protocol)
>>connections over this tunnel are VERY slow, but only in one direction!
>>Here are the
>>details:
>>
>>The company lan is connected to the internet via a commercial VPN router
>>and a 2MBit SDSL
>>line. My home office is connected to the internet via an Openswan (2.4.4)
>>router an a
>>1024/128 DSL line.
>>When I connect from my home office to the company Terminal Server,
>>everything is fine.
>>When I connect from the company to the terminal server in my home office
>>it is very, very
>>slow. I know I only have 128kbits upstream bandwidth, but I made it
>>possible to connect
>>from the internet directly (via port forwarding) to this terminal server.
>>If I connect via
>>this way (no ipsec tunnel), I have a normal connection without speed
>>problems.
>>
>>Maybe this could be an mtu problem, so I measured some pings back and
>>forth:
>>
>>Company to home office: ping with size 7280 works, size of 7290 and more
>>doesn't work
>>Home office to company: ping with size 3850 works, size of 3860 and more
>>doesn't work
>>
>>When I tried to ping the company with a size of 3860, I can't ping the
>>company anymore
>>even with smaller packet sizes. I can't even ping known websites! It looks
>>like the router
>>is somehow "blocked". After a minute or so, this blocking vanishes and I
>>can ping the
>>company and websites.
>>
>>Does someone has an explanation or even better a solution for this?
>>
>>Thanks
>>
>>Andreas
>>
>>_______________________________________________
>>Users mailing list
>>Users at openswan.org
>>http://lists.openswan.org/mailman/listinfo/users
>>    
>>
>_______________________________________________
>Users mailing list
>Users at openswan.org
>http://lists.openswan.org/mailman/listinfo/users
>  
>

More information about the Users mailing list