Maybe NAT traversal? https://wiki.strongswan.org/projects/strongswan/wiki/NatTraversal

> On May 13, 2017, at 5:30 PM, Laz C. Peterson <l...@paravis.net> wrote:
>
> Hello everyone,
>
> We’re having a pretty interesting problem here …
>
> To give you the quick summary, we have AT&T U-Verse “Business Fiber” (which
> is a fancy way of saying it’s actual fiber, but the budget kind …) and have
> very serious issues establishing any TLS or SSL encrypted connections through
> IPSec tunnels.
>
> If we plug a SonicWALL device in, same tunnel settings, we have no issues at
> all. But our pfSense device (it is a SG-2440) struggles very hard and we
> cannot do simple encrypted services over this tunnel — including downloading
> email, synchronizing AD domain servers, or even rsync over SSH.
>
> It’s been very troubling. When plugging in the SonicWALL, all of these
> services work completely flawlessly. The second we use the pfSense, none of
> the encrypted protocols through the tunnel work.
>
> I’ve been thinking about MSS and MTU, but I really don’t know where to begin.
> The SonicWALL seems to be able to figure these things out on its own (if
> that’s even the issue). But I’m at a total loss.
>
> Any suggestions?
>
> ~ Laz Peterson
> Paravis, LLC
> _______________________________________________
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold