[Openswan Users] MTU problem Openswan U2.4.6/K18.104.22.168...
fviel at multibel.it
Fri Jun 6 06:52:43 EDT 2008
I'm still on troubles with my vpn and Windows Policy update.
As I stated in my post of 14/05/08 I can't ping with 2048 byte packet size
my remote size (and hence the policy update problem).
I have updated openswan to 2.4.6 but still the problem persist
Moreover I tried to debug the situation: I discovered the following:
When I ping remote site with 2048 byte this is the tcpdump of the WAN
ecosportellofw:~# tcpdump -i eth2 -n -p not port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
15:41:22.287465 IP 88.A.B.C > 87.D.E.F: ESP(spi=0x60320fe5,seq=0x166b9)
15:41:27.534918 IP 88.A.B.C > 87.D.E.F: ESP(spi=0x60320fe5,seq=0x166ba)
15:41:33.035337 IP 88.A.B.C > 87.D.E.F: ESP(spi=0x60320fe5,seq=0x166bb)
That means something is arriving(=> the tunnel first end works)... but it
does not come out (from the tunnel)... It's like big packets were discarded
It's strange because with another connection (this time ipsec/l2tp) on the
I'm able to ping with 2048byte packet size my remote server.
Could you help me?
Thank you in advance.
This is my network
| |88.A.B.C Tunnel 87.D.E.F| |
10.X.Y.0/24----- | FW1 |-------------------------| FW2 |----10.Z.Y.0/24
| | | |
More information about the Users