Per the subject line and e-mail contents, Pjay is not even using LTE, but WiMAX. But that is confusing to me because I thought that WiMAX did not require a GRE tunnel for L2, but could handle L2 natively. (I have zero practical experience with WiMAX, though, so I'm probably mistaken.)
I agree with the MSS clamping idea...SSL VPN should be TCP-based, so it should respond to that UNLESS the other end of the VPN is doing something unorthodox, such as forcibly upclamping the MSS while simultaneously breaking path MTU discovery via excessive ICMP filtering, the net effect of which would be that nobody with an MTU lower than what *their* VPN concentrator is set to will be able to successfully pass traffic to it. (I have seen it before...paranoid network administrators can be guilty of some really dumb things.) -- Nathan From: [email protected] [mailto:[email protected]] On Behalf Of Jeremy Austin Sent: Thursday, June 23, 2016 11:35 AM To: [email protected] Subject: Re: [Telrad] Telrad WIMAX and SSLVPN (Juno Pulse) On Wed, Jun 22, 2016 at 9:23 AM, Pjay Castro <[email protected]<mailto:[email protected]>> wrote: Has anyone seen this issue and has anyone overcome it other than changing to a different technology for exceptions? Have you tried MSS clamping upstream from the tunnel? I ended up running my own L2 tunnel rather than Telrad's. Still stuck with a smaller MTU, of course. I'm also curious how other people are solving this issue until we can get a 1500 byte LTE WAN MTU. -- Jeremy Austin (907) 895-2311 (907) 803-5422 [email protected]<mailto:[email protected]> Heritage NetWorks Whitestone Power & Communications Vertical Broadband, LLC Schedule a meeting: http://doodle.com/jermudgeon
_______________________________________________ Telrad mailing list [email protected] http://lists.wispa.org/mailman/listinfo/telrad
