[Openswan Users] RDP from internal NET to VPN client fails, and some other strangness..
dashnu
dashnu at gmail.com
Thu Nov 16 14:09:27 EST 2006
Hello again. After reading a few more links on Jacco's site, I am
wonder some things.
I block ICMP and enable path MTU which I now see is absolutely
pointless and not wise..
If I allow icmp & enable pmtu would this solve my issue? If so icmp
type 3 all i need to allow in?
Any major risks involved with doing this?
Another thing is I really have no control over the other end... If
they have icmp filtered at the router level or in windows I will
again run into this problem I would assume.
Thanks as always.
On Nov 16, 2006, at 8:32 AM, dashnu wrote:
> Yea, these messages must have crossed.
>
> I tried the clamp this did not work.
>
> I am having some troubles with the ping option you gave me, ping by
> default is now disabled in XP by default. Large packets did not
> terminate the conn in this case. I will have him turn off his
> firewall and try it again.
>
> Any ideas on my strange DNS issue I talked about earlier? This same
> machine works fine on other networks. I am wondering if his router
> is somehow forcing DNS....
>
> Thanks
>
> On Nov 14, 2006, at 7:39 PM, Paul Wouters wrote:
>
>> On Tue, 14 Nov 2006, Brett Curtis wrote:
>>
>>> After looking around a bit more I am thinking this is a MTU issue :(
>>
>> that's why I suggested tcp clamping of the mtu.
>>
>> Paul
>
More information about the Users
mailing list