Hi folks, apparently the MacOS road warriors have to manually adjust the MTU on ipsec0 to 1280 in some networks, e.g. if the IP provider is Unitymedia, or if they travel in an ICE of Deutsche Bahn and use the free Wifi. Without *sudo ifconfig ipsec0 mtu 1280* their IPsec connection appears to be broken.
Problem is, setting the MTU on MacOS is not persistent. On the next IPsec connection MacOS has lost the adjusted MTU and goes with the default 1400 again. Since the peer runs Strongswan on Linux, I wonder if there is something that can be done on this side? Is this purely MacOS' fault for not fragmenting payload accordingly? Every helpful comment is highly appreciated. Harri
