Date: Fri, 10 May 2002 21:49:23 +0930 (CST) From: Justin Hawkins <justin@hawkins.dropbear.id.au> To: freebsd-net@freebsd.org Subject: mpd-netgraph as VPN client to Cisco 2500 REDUX Message-ID: <20020510210708.S94900-100000@tardis.everard.bogus>
next in thread | raw e-mail | index | archive | help
Well thanks to Archie, I had mpd connecting me to my works 2500 quite successfully. 'Had' being the operative word :-) Unfortunately, the 2500 recently had some configuration changes. Specifically related to the MTU settings. This fixed some other clients, but broke me :-( Symptoms, the connection is initiated and established fine. Some traffic can pass; web access works, but slowly. All ping's fail, I quickly get: From gw.everard.bogus (192.168.0.1): Source Quench From gw.everard.bogus (192.168.0.1): Source Quench From gw.everard.bogus (192.168.0.1): Source Quench From gw.everard.bogus (192.168.0.1): Source Quench for pings. mpd is telling me: [vpn] LCP: no reply to 1 echo request(s) [vpn] LCP: no reply to 2 echo request(s) [vpn] LCP: no reply to 3 echo request(s) [vpn] LCP: no reply to 4 echo request(s) [vpn] LCP: no reply to 5 echo request(s) I'm positive that some traffic does get through - the web accesses I can do would be utterly impossible if it were not for a VPN tunnel (blocked by firewall). The link is effectively unusable though. The cisco config has an MTU of 1524 specified. After I had mpd bring the tunnel up, I manually changed the MTU on ng0 with: ifconfig ng0 mtu 1524 Initially I had limited success with this, pings started working, but web access was worse (non existent). Now I can't even get that. I've tried lower MTU's, to no visible effect. Part of me thinks that if MTU were really a problem, a low MTU (like 300) would fix it, but make performance suck. Perhaps that's not the case. Or perhaps I've misdiagnosed this problem :-) I still have my host route to the cicso via my normal default gateway (because the cisco has an IP on the tunnelled network), and I've upgraded mpd to version 3.8. Any ideas? - Justin -- justin@hawkins.dropbear.id.au | "Don't sweat it -- http://hawkins.dropbear.id.au | it's only 1's and 0's" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020510210708.S94900-100000>