From owner-freebsd-security@FreeBSD.ORG  Mon Apr 18 15:36:04 2005
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5A29616A4CE
	for <freebsd-security@freebsd.org>;
	Mon, 18 Apr 2005 15:36:04 +0000 (GMT)
Received: from avscan1.sentex.ca (avscan1.sentex.ca [199.212.134.11])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DD54B43D31
	for <freebsd-security@freebsd.org>;
	Mon, 18 Apr 2005 15:36:03 +0000 (GMT)	(envelope-from mike@sentex.net)
Received: from localhost (localhost.sentex.ca [127.0.0.1])
	by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id j3IFa3JX057387;
	Mon, 18 Apr 2005 11:36:03 -0400 (EDT)
	(envelope-from mike@sentex.net)
Received: from avscan1.sentex.ca ([127.0.0.1])
 by localhost (avscan1.sentex.ca [127.0.0.1]) (amavisd-new, port 10024)
 with LMTP id 57098-04; Mon, 18 Apr 2005 11:36:02 -0400 (EDT)
Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18])
	by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id j3IFa14E057336;
	Mon, 18 Apr 2005 11:36:01 -0400 (EDT)
	(envelope-from mike@sentex.net)
Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27])
	by lava.sentex.ca (8.13.3/8.12.11) with ESMTP id j3IFZse2042031;
	Mon, 18 Apr 2005 11:35:55 -0400 (EDT)
	(envelope-from mike@sentex.net)
Message-Id: <6.2.1.2.0.20050418113225.04784f40@64.7.153.2>
X-Mailer: QUALCOMM Windows Eudora Version 6.2.1.2
Date: Mon, 18 Apr 2005 11:34:28 -0400
To: mail@vickysh.wlink.com.np, freebsd-security@freebsd.org
From: Mike Tancsa <mike@sentex.net>
In-Reply-To: <200504171417.18458.mail@vickysh.wlink.com.np>
References: <200504171417.18458.mail@vickysh.wlink.com.np>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
X-Virus-Scanned: by amavisd-new
X-Virus-Scanned: by amavisd-new at avscan1b
Subject: Re: IPSEC l2tpd and Windows shares problem
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Apr 2005 15:36:04 -0000

At 04:32 AM 17/04/2005, Vicky Shrestha wrote:
>Dear all,
>
>I am running IPSEC and l2tpd in FreeBSD 4.9.
>mtu 1400
>mru 1400


It sounds like you have the PMTU issue covered, but it also sounds like an 
MTU issue.  Can you try and generate some large ping packets and see if 
they are being fragmented properly ?  hping is useful for this as you can 
toggle the DF bit as well as send non ICMP type packets.

Also, are the IPSEC polices all installed properly ?

         ---Mike