IPSEC problem MSS clamping [Solved]



  • Hi, the MSS clamping not work in pfsense 2.3.1.  not increment IPsec adress computer in table vpn_networks.

    PFSENSE 2.3.1
    table <vpn_networks>{ 10.120.163.0/24 10.120.167.0/24 10.120.168.0/24 10.120.169.0/24 10.120.170.0/24 }
    scrub from any to <vpn_networks>max-mss 1380

    PFSENSE 2.1.4

    table <vpn_networks>{ 10.64.224.177 10.120.163.0/24 10.120.167.0/24 10.120.168.0/24 10.120.169.0/24 10.120.170.0/24 }
    scrub from any to <vpn_networks>max-mss 1380
    scrub from <vpn_networks>to any max-mss 1380

    My IPSEC IP is 10.64.224.177.

    I have upgrade pfsense to 2.3.1

    How to increment on shell the table vpn_networks adress ip computer ?</vpn_networks></vpn_networks></vpn_networks></vpn_networks></vpn_networks>



  • I resolved:
    manually add on the file  /etc/inc/filter.inc

    on line 781 my ip adress:

    $aliases .= "table <vpn_networks>{ 10.64.224.177 $vpns_list }\n";

    And i clicked save buton on Ipsec advanced configuration to validate the configuration

    I ask correction in ipsec for this!</vpn_networks>


  • Rebel Alliance Developer Netgate

    Where exactly is 10.64.224.177 defined? In an IPsec Phase 2 entry?



  • @jimp:

    Where exactly is 10.64.224.177 defined? In an IPsec Phase 2 entry?

    Yes phase 2 entry in ipsec.


Log in to reply