> Not sure: what you described in your first mail also looks like a
> "basic" fragmentation problem, which can be easily solved by
> decreasing MTU on traffic endpoints (you can also play with TCPMSS on
> one gate, but this will only solve TCP problems...).
>
> The pf interaction may only be a sid
On Thu, Oct 20, 2005 at 11:47:27PM +0100, Volker wrote:
> hmm, I hate replying to myself
:-)
[rules]
> I guess as all works fine while pf is disabled this is an pf issue, right?
Not sure: what you described in your first mail also looks like a
"basic" fragmentation problem, which can be easi
hmm, I hate replying to myself
I've just checked another thing:
When disabling pf on both IPSec endpoints (even large) file transfer
works fine.
I'm using pf and altq with cbq.
Removing the pf 'scrub' rules didn't solve it. In the firewall I'll let
gif traffic pass with rules like:
pass qu
