Vivek Khera wrote:
However things go south when I hook up my powerbook running OS X 10.4 into the IPsec using mobile user. Basically, connected to the pfsense remote endpoint everything works. I can copy large files via ssh no problem. Normal ftp/http file transfer to all three works fine too. The thing that breaks is ssh data transfer from one of the m0n0 remotes (both via scp and rsync over ssh). The remote end just closes the connection after some timeout and locally I get a "protocol failure" from rsync. Even doing an "ls -lR" on a big directory can lock up the ssh terminal session.
this sounds a lot like an issue where packets bigger than your MTU after the added IPsec overhead are disappearing into thin air. This is pretty common with FreeBSD 4.x/m0n0wall. It doesn't seem to be as much of a problem with FreeBSD 6.x/pfsense. Why? I have no idea, because I haven't been able to replicate it with pfsense and compare the behavior. But some people have had the dreaded "RDP lock up" with pfsense that's caused by the same issue. ls over telnet (don't ask me why people are still running telnet, but it's been reported w/m0n0) and ssh will often cause it as well, on m0n0wall, though I haven't heard about the same with pfsense.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
