[Openswan Users] RDP connection slow

Gary W. Smith gary at primeexalia.com
Tue Jan 31 13:14:12 CET 2006 

Trying setting the MTU on your ADSL interface to 1400 in the ifcfg-ethx file.

MTU=1400

We had a similar problem when two IPSEC networks, hooked together via ADSL (on each end), had odd MTU's.

Gary Wayne Smith

> -----Original Message-----
> From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
> Behalf Of Andreas Lüdtke
> Sent: Tuesday, January 31, 2006 5:32 AM
> To: users at openswan.org
> Subject: [Openswan Users] RDP connection slow
> 
> Hi group,
> 
> I've a working ipsec tunnel between two lan and RDP (Windows Terminal
> Server protocol)
> connections over this tunnel are VERY slow, but only in one direction!
> Here are the
> details:
> 
> The company lan is connected to the internet via a commercial VPN router
> and a 2MBit SDSL
> line. My home office is connected to the internet via an Openswan (2.4.4)
> router an a
> 1024/128 DSL line.
> When I connect from my home office to the company Terminal Server,
> everything is fine.
> When I connect from the company to the terminal server in my home office
> it is very, very
> slow. I know I only have 128kbits upstream bandwidth, but I made it
> possible to connect
> from the internet directly (via port forwarding) to this terminal server.
> If I connect via
> this way (no ipsec tunnel), I have a normal connection without speed
> problems.
> 
> Maybe this could be an mtu problem, so I measured some pings back and
> forth:
> 
> Company to home office: ping with size 7280 works, size of 7290 and more
> doesn't work
> Home office to company: ping with size 3850 works, size of 3860 and more
> doesn't work
> 
> When I tried to ping the company with a size of 3860, I can't ping the
> company anymore
> even with smaller packet sizes. I can't even ping known websites! It looks
> like the router
> is somehow "blocked". After a minute or so, this blocking vanishes and I
> can ping the
> company and websites.
> 
> Does someone has an explanation or even better a solution for this?
> 
> Thanks
> 
> Andreas
> 
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users

More information about the Users mailing list