Hi Marcel, With 2.2-rc2, there is new hash algo supported... (See https://lists.shrew.net/pipermail/vpn-help/2012-December/014061.html )
Regards, On Thu, Feb 21, 2013 at 3:49 PM, Zweerde, Marcel van de < [email protected]> wrote: > Hello,**** > > ** ** > > I’m having some problems with fragmented traffic (and disconnects)**** > > ** ** > > Config:**** > > Firewall:**** > > Netscreen 320M 6.3.0r9.0**** > > Block Fragment Traffic Enabled in screen settings for the Untrust interface > **** > > ** ** > > Client:**** > > Win7 client (etc.)**** > > Client 2.2.0-rc-2**** > > ** ** > > Problem:**** > > The setup is working correctly (except for some random?!? disconnects) if > i disable “Block Fragment Traffic” but it seems slow. **** > > When “Block Fragment Traffic” is Enabled on the Netscreen the tunnel > connects but i get fragmented UDP traffic alarms on the Netscreen and there > is no traffic through the tunnel.**** > > ** ** > > To remedy the situation i tried to lower the MTU setting to 800 as a test > in the client but that doesn’t seem to work.**** > > The MTU value for the virtual adapter changes in the registry but the log > says otherwise?!?**** > > ** ** > > Interesting log entry’s:**** > > A*p*apter ROOT\VNET\0000 MTU is 1500**** > > ** ** > > Send NAT-T:IKE packet XXXX:4500 -> XXXXX:4500 ( 1548 bytes )**** > > Fragmented packet to 1514 bytes ( MTU 1500 bytes )**** > > Fragmented packet to 82 bytes ( MTU 1500 bytes )**** > > ** ** > > How can i resolve this? (hopefully without changing anything to the pc > config itself)**** > > ** ** > > ** ** > > (Maby the disconnects are related to the fragmenting?, the client says the > Netscreen ended the connection but the Netscreen doesn’t log anything.)*** > * > > ** ** > > ** ** > > ** ** > > Thanks for the great software!**** > > ** ** > > Max**** > > > p.s. The Howto_Juniper_SSG / Create_a_Phase1_ID doesn’t really mention the > “Number of Multiple Logins with Same ID” setting, that was the reason i > could only login with 1 user at a time, maby an update of the Howto is in > place?**** > > ** ** > > _______________________________________________ > vpn-help mailing list > [email protected] > https://lists.shrew.net/mailman/listinfo/vpn-help > >
_______________________________________________ vpn-help mailing list [email protected] https://lists.shrew.net/mailman/listinfo/vpn-help
