On Fri, Apr 13, 2018 at 11:13 AM, Charles Wise wrote:
> It shows 1322 both with and without the '-m 1322'. And now it's
> working at full speed, both with and without the '-m 1322'. I checked
> the config before and after the failures and the '-m 1322' is the only
> difference.
On Fri, Apr 13, 2018 at 5:39 AM, Charles Wise wrote:
> I'm confused as well. But it reliably fails w/o setting the explicit
> MTU in the arguments.
>
> What command(s) do I run to tell what MTU value is _really_ being
> used? This is FreeBSD 11.1-RELEASE-p7 (pfSense
It's possible that this is related to the issue I reported in january
(http://lists.infradead.org/pipermail/openconnect-devel/2018-January/004647.html),
which involves a bug in gnutls. The bug has been fixed upstream, but
debian stable and ubuntu have not taken new versions of gnutls 3.5 or
3.6
On Thu, Apr 12, 2018 at 8:18 PM, Charles Wise wrote:
> Looks like it's the MTU. I did the - and --dump and the output
> said the MTU should be 1322 (DTLS option X-DTLS-MTU : 1322). When I
> enable DTLS and _don't_ set the MTU, I run iperf3 and the traffic
> drops to zero
On Thu, Apr 12, 2018 at 5:34 AM, Charles Wise wrote:
> Hello, I'm using the latest version - OpenConnect version
> v7.08-unknown - on FreeBSD ARM.
Is that big-endian or little-endian? (Have you tested on a more
conventional system, say, Linux or BSD on arm64?)
> I have to
Hello, I'm using the latest version - OpenConnect version
v7.08-unknown - on FreeBSD ARM. I have to disable DTLS (--no-dtls) or
my VPN connection is unusable and spits out lots of unknown DTLS
values. Is this a known issue? I don't know the Cisco AnyConnect
server version but I can ask my IT