Hi all, this is a continuation of the RFC1918 thread I started last week. We have a VPN set up to a Rackspace-hosted server, and the VPN is passing traffic, but now I'm having some assorted problems with it.
Layout:
5 TIME CLOCKS and 1 Windows server on various subnets CORP NETS CORP ROUTER SOPHOS FW INTERNET VPN HOSTED SERVER
The hosted server is a Windows box, and from it you can access the http page of the clocks for configuration. By the diagram above, the "HOSTED SERVER" is attempting to open the "TIME CLOCKS" HTTP page. It works about 95% of the time, but randomly not for the same clock in a row, the HTTP page starts to load, and then in the middle of the page, you get the splash page of the firewall, indicating that the page is timing out. Local network users never have this issue.
The only non-default setting I've chosen that the VPN wizard did not do was to check, on the Remote Gateway tab, the "Support Path MTU Discovery", thinking maybe that the MTU is too large. A "ping -f -l" from an allowed inside host to the hosted server shows that the MTU has to be 1410 or lower to avoid fragmentation.
Any ideas?
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
