[Openswan Users] KLIPS MTU problem

Paul Overton paul at trusted-management.com
Tue Jun 28 09:10:47 EDT 2011


I have been using openswan for a number of years and generally have no issues with stability etc.

However I have one location where NAT-T and fragmentation are an issue. The host network provides a 1:1 NAT with a real world IP address for all clients (This is a business centre). The Business centre external firewall blocks and drops all fragmented frames at 1420 bytes.

In Openswan (KLIPS) I have used the "overridemtu=" setting to produce a tunnel which never allows the UDP encap frames to fragment, however I have found that  opensewan 2.6.33 ignores this directive.

Has this command been removed, negated or replaced ?

Thanks in advance


Paul Overton

This message has been scanned for viruses and
dangerous content by Trusted Management Limited, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110628/a4492d13/attachment.html 

More information about the Users mailing list