Both windows and Mac, I set MUT to 1380. I used CocoapacketAnalyzer to obtain some packet. But no hints for me.
On Fri, Jan 13, 2012 at 10:31 PM, Roper, Andrew <[email protected]> wrote: > Jinyan, > > I think you are going to need to obtain some packet captures to see what is > happen with the packets that leave the Windows and Mac clients. This should > help to determine the difference in the datagrams that may help you determine > what the root cause is and then make the necessary adjustments. I'm > suspecting that it's an MTU issue and this would be apparent in the packet > captures. > > -Andrew > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Jinyan Huang > Sent: Thursday, January 12, 2012 10:38 PM > To: Kevin VPN > Cc: [email protected] > Subject: Re: [vpn-help] What is the different between windows and Mac version > for shrew VPN? > > Dear Kevin, > > Thank you for your suggestions. I have try them, but it still not works. The > problem is the same. > > I am sure it is because the network problem. For the Mac version, in France, > it is OK. But in China, it does not. For windows, both are OK. > I do not know how to fix this problem. > > When I install a windows virtual box on Mac, it is OK on that windows. > > Thank you. > > On Thu, Jan 12, 2012 at 10:20 AM, Kevin VPN <[email protected]> wrote: >> On 01/05/2012 10:41 PM, Jinyan Huang wrote: >>> >>> >>> On Fri, Jan 6, 2012 at 10:52 AM, Kevin VPN<[email protected]> wrote: >>>> >>>> On 01/02/2012 05:30 AM, Jinyan Huang wrote: >>>>> >>>>> >>>>> Dear Kevin, >>>>> >>>>> I have strange problem for shrew VPN. When I am in France, the vpn >>>>> on Mac and windows worked very well. But when I return to China, >>>>> only VPN on window is working. The VPN for Mac does not work. I got >>>>> this error message. Shrew vpn mac version is Ver 2.2.0. >>>>> >>>>> negotiation timout occurred >>>>> tunnel disabled >>>>> detached from key daemon >>>>> >>>>> I have try these twice. So I am sure for this. In China, only >>>>> windows version is fine. In France, both version is OK. >>>>> >>>>> Maybe China blocked some port? What is the different between >>>>> windows and Mac version for shrew VPN? >>>>> >>>> >>>> Hi Jinyan, >>>> >>>> I'm not sure what differences might come into play. Obviously they >>>> are different in some ways being on different OSes using different >>>> dependency components, but I would think that the actual packets >>>> going back and forth (which is what a network filter would see) >>>> would be pretty similar. >>>> >>>> Can you provide us with iked.log trace outputs from the Mac and >>>> Windows machines so we can compare? Maybe one is trying to do NAT-T >>>> and the other isn't? >>>> >>>> What version is Shrew on the Windows machine (you mention Mac is 2.2.0)? >>> >>> >>> Dear Kevin, >>> >>> The attachments are windows and Mac iked log files. >>> >>> With windows, it works. With Mac, it does not work. >>> >>> For windows version, it sometimes does not work. But if I switched >>> "Auto Configuration" between "ike config pull" and "ike config push", >>> it will fix this problem. >>> >>> Shrew version: >>> windows:2.1.7 >>> mac:2.2.0 >>> >> >> Hi Jinyan, >> >> First, you shouldn't have to switch between push and pull configuration. >> Pull is what the gateway is configured for, so you should be able to >> leave it always on pull. >> >> From the log files, I can't really see a difference between Windows >> and Mac, other than of course Windows succeeds and Mac does not. The >> Mac client never gets any response of any kind from the gateway, >> although the destination port (500) should be open to the gateway because >> Windows works. >> >> Something that might have an effect is maximum packet size (MTU). >> Maybe Windows is splitting packets into smaller pieces than Mac is and >> that's why they're getting through. Try playing with the MTU, IKE >> Fragmentation and the Maximum packet size in the Shrew config to see >> if that makes a difference. >> >> Have you checked to ensure the Mac box can ping or connect to the gateway? >> Can it otherwise connect to the Internet? >> >> Another thing would be to assign the same IP to the Mac box as Windows uses. >> In your logs, the Mac was using IP 192.168.1.101 and Windows was >> using 192.168.1.103. You could try giving the Mac IP 103 (after >> disconnecting the Windows machine of course). >> >> _______________________________________________ >> vpn-help mailing list >> [email protected] >> http://lists.shrew.net/mailman/listinfo/vpn-help > _______________________________________________ > vpn-help mailing list > [email protected] > http://lists.shrew.net/mailman/listinfo/vpn-help _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
