Menu
▾
▴
Re: [IPCop-user] VPN (ipsec) error: "not enough room in input packet"
|
From: Administrator <ad...@di...> - 2007-10-18 10:30:26
|
Sorry. Yes, you're right. It's not in the web GUI. Best option is to identify which ipsec interface is used, and edit the file /etc/rc.d/rc.firewall.local to set the MTU of this interface. You need to do both ends as the MTU setting only affects traffic in one direction (I can't remember which). David -- D.S. Hodgson - different perspectives > -----Original Message----- > From: Alan Dayley [mailto:ad...@gm...] > Sent: Thursday, October 11, 2007 5:48 PM > To: ad...@di... > Cc: ipc...@li... > Subject: Re: [IPCop-user] VPN (ipsec) error: "not enough room > in input packet" > > Administrator wrote: > >>> the VPN tunnel at both ends. I reduced the MTU to 1200 > >> both ends and > > > > I didn't look for the error messages ... > > > > The fix costs nothing, risks little and takes a few minutes to try. > > I don't see where the MTU size can be adjusted in the IPCop > GUI. I'll be happy to do it in the configuration file, if I > knew where that is. > I'll go read up on it. If you have any pointers, I'd appreciate them. > > > It's a wierd problem you have. To analyse it, you may need > to either > > look through the source code to find exactly what its complaining > > about, or try the ipsec specific mailing lists (e.g. openswan). > > The #openswan channel denizens were helpful but also puzzled. > I may have to join their mailing list. > > > This problem is rare and seems to have received only one > response on > > openswan > > http://lists.openswan.org/pipermail/users/2006-October/010883.html > > Thanks for the pointer. That discussion goes off in a > direction that I don't think applies to me. But, I'll read > it again today. > > BTW, the connection is still functional despite the continued > errors and re-starts all through the night. > > Alan > > |
