[Openswan Users] MTU issues with Openswan tunnel

Jett, Nathan NJett at rpmstaff.com
Thu Nov 30 16:50:09 EST 2006

Thanks Paul,

This worked perfectly.  You are right, this would be a very useful feature in the 
config file.

Thanks again,

-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com]
Sent: Thursday, November 30, 2006 2:32 PM
To: Jett, Nathan
Cc: users at openswan.org; dev at openswan.org
Subject: Re: [Openswan Users] MTU issues with Openswan tunnel

On Thu, 30 Nov 2006, Jett, Nathan wrote:

> I have several ipsec tunnels to various clients and recently added a new one for a new client.  With this new client's VPN connection, nothing (ie FTP, terminal sevices, etc) seems to work well unless I manually set the MTU value for Openswan to 1400.  However setting the MTU to 1400 screws up my other ipsec tunnels.  Is there a way to set the MTU value for just one tunnel?

Yes, using Advanced Routing. Something like:

ip route change rightsubnet/mask dev xxx mtu 1400

I'd like to see an mtu= option for a per-tunnel setting that does exactly
this. Perhaps something Tuomo would like to work on? :)

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list