This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

At a loss - IPSEC

Connected my ASL to another ASL through IPSEC.. htings looked great, ping from my eth0_network (call it net A = 192.168.0) to the other one (call it net B = 192.168.1.0) working both ways, I can ssh from A to B quite happily, but nothing more. I have rules allowing A B and externA ExternB...

I can connect to an ftp server on B from A (and vice versa) and start a down/upload, but it dies after aq few bytes...

Any thoughts?

This thread was automatically locked due to age.

Parents

0 herp over 22 years ago

Hey Gaspar

For me it looks like you defined a too big MTU size for your WAN interface (1500 is the default). For example some DSL providers do not support that. Meaning that when the packets are starting to get big they will be fragmented, wich is no good for IPSec.....
Try to set the WAN MTU to someting like 768 on both sides, when it works go up (I've never seen a provider that supports less than something more than 1400), else you will loose too much performance....

Cheers
herp
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 herp over 22 years ago

Hey Gaspar

For me it looks like you defined a too big MTU size for your WAN interface (1500 is the default). For example some DSL providers do not support that. Meaning that when the packets are starting to get big they will be fragmented, wich is no good for IPSec.....
Try to set the WAN MTU to someting like 768 on both sides, when it works go up (I've never seen a provider that supports less than something more than 1400), else you will loose too much performance....

Cheers
herp
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data