Good afternoon all,
So I have 3 sites in a full mesh IPsec VPN. 2 of those sites are PF
2.1-BETA0 (nov 1) and the other is m0n0wall 1.33. Tunnel that is currently
affected traverses one PF and the m0n0. I have disabled hardware checksum
offload, hardware TCP segmentation offload and hardware large receive
offload. I'm seeing a high number of the 0x0000 checksums (50+ percent) and
I believe this is causing an AD domain join to fail over the VPN. No
traffic filtering over the tunnels or on the interfaces where these hosts
live, wide open between one another. Packet capture attached, any insight
would be fabulous. Thanks all.-- Wade Blackwell Cell - 805.400.8485 Desk - 805.457.8825 X998 Looking for a Cloud, Security or network engineer? http://www.bablam.com/WadeBlackwell_Current.doc
domain-join.pcap
Description: Binary data
_______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
