> Most likely broken path mtu discovery, see: > https://libreswan.org/wiki/FAQ#My_ssh_sessions_hang_or_connectivity_is_very_slow >
Thank you for your answer, but I already tried any of those solutions (tried almost every value from 1500 down to 250), without actually fixing the problem at all. Any other help? Keep in mind that I have other tunnels between the hosts the one behind NAT is connecting to, and when NAT-ed host is not involved, I've no problems at all. Regards, Davide. ********** Davide Pucci Systems and Software Engineer Mob: +39 348 923 7278 Tel: +39 06 5960 2069 Fax: +39 06 5960 6185 Email: [email protected] I-node s.r.l. We build you® .biz Via di San Giovanni in Laterano, 84 - 00184 Roma (RM) Twitter: http://www.twitter.com/i_node Sito Web: http://www.i-node.it Da: "Paul Wouters" <[email protected]> A: "Davide Pucci" <[email protected]> Cc: "swan" <[email protected]> Inviato: Mercoledì, 20 dicembre 2017 22:02:06 Oggetto: Re: [Swan] Tunnel behind NAT: large packets freeze it On Wed, 20 Dec 2017, Davide Pucci wrote: > I need your help as I'm facing several issues without some Swan IPsec > tunnels: they all are built between a NAT-ed > host (running openswan) and a publicly exposed one (running libreswan). > I can always reproduce the issue by executing "for i in {0..30}; do ps ax; > done" or "dd if=/dev/urandom bs=10M": it > seems that if I run commands with large outputs tunnel goes down. > The first - behind NAT - host has the configuration file attached as > h1-to-h2.conf; similarly, the latter, the one > named h2-to-h1.conf. Most likely broken path mtu discovery, see: https://libreswan.org/wiki/FAQ#My_ssh_sessions_hang_or_connectivity_is_very_slow Paul
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
