PPPoE should NOT affect VPNs or websites, however, some administrators have told them to reply with no not fragment as well as 1500 byte packet sizes, as one user reported here, as well as other users have incorrect or bad (old) software configurations. 99.99% of the time it will work correctly, for both IPv6 and IPv4. The big thing here is how to handle IPv6 traffic, without a tunnel to capture traffic, its very hard to rate limit and/or ensure the client gets the same addresses. This is why we recommend to use PPPoE.
Dennis From: Af [mailto:[email protected]] On Behalf Of Paul Stewart Sent: Tuesday, February 27, 2018 5:29 AM To: [email protected] Subject: Re: [AFMUG] OT VPN over PPPOE For what it’s worth, I VPN over PPPOE very often …. Works very well. However I did have a point in time where it was totally unstable and after some wireshark traces I found it to be an MTU issue for sure. The client was Pulse Secure (former Juniper Pulse) and I was unknowingly running an older client … the client didn’t do path discovery correctly and sent all traffic with DF bit set …doh … I upgraded the client and all is well since Paul From: Af <[email protected]<mailto:[email protected]>> on behalf of Mathew Howard <[email protected]<mailto:[email protected]>> Reply-To: <[email protected]<mailto:[email protected]>> Date: Monday, February 26, 2018 at 7:57 PM To: af <[email protected]<mailto:[email protected]>> Subject: Re: [AFMUG] OT VPN over PPPOE It's a pretty good bet that any Pppoe connection is going to have an MTU of 1492 or less... But yeah, any decent VPN client should be able to handle that just fine... and most un-decent ones too, for that matter On Mon, Feb 26, 2018, 6:28 PM Forrest Christian (List Account) <[email protected]<mailto:[email protected]>> wrote: Depending on the exact settings in PPPoE it may have a smaller MTU than 'normal ethernet'. Any decent VPN should be able to handle this, however. -forrest On Mon, Feb 26, 2018 at 5:06 PM, Chuck McCown <[email protected]<mailto:[email protected]>> wrote: Had a customer that works from home. Could not make his VPN work. We thought perhaps it was a port issue. Opened the ports on the Smart RG. No good. He spend $150 over the weekend on a geek squad type of service and they pointed their finger at us. So, just because we haven’t tried it, we switched him to DHCP and it started working. We are in the process of converting everyone to DHCP. He wants a credit in the amount of the money he paid the geek squad. Wonder if it was truly our fault. Still don’t know why it started working or what the problem was. -- Forrest Christian CEO, PacketFlux Technologies, Inc. Tel: 406-449-3345 | Address: 3577 Countryside Road, Helena, MT 59602 [email protected]<mailto:[email protected]> | http://www.packetflux.com<http://www.packetflux.com/> [https://s3.amazonaws.com/images.wisestamp.com/icons/linkedin.png]<http://www.linkedin.com/in/fwchristian> [https://s3.amazonaws.com/images.wisestamp.com/icons/facebook.png] <http://facebook.com/packetflux> [https://s3.amazonaws.com/images.wisestamp.com/icons/twitter.png] <http://twitter.com/@packetflux>
