If i reduce lan interface mtu on "Host" to approximately 1450, the tunnel works fine, so it seems that "Tunnel Endpoint" can't process correctly packets with a size of 1500 bytes.
You should allow for an IP header with options and the ESP header, which is smaller than 1450. For SKIP I use 1366 as the advertised MTU, and for IPsec usually 1436, unless I need to accomodate ESP and AH, in which case it's smaller.
If more information regarding this issue is needed, just ask.
Is this a known issue ?
It's a known feature of any sort of IP encapsulation.
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
