4. IPSEC problem MSS clamping [Solved]

IPSEC problem MSS clamping [Solved]

  • W

    Hi, the MSS clamping not work in pfsense 2.3.1.  not increment IPsec adress computer in table vpn_networks.

    PFSENSE 2.3.1
    table <vpn_networks>{ 10.120.163.0/24 10.120.167.0/24 10.120.168.0/24 10.120.169.0/24 10.120.170.0/24 }
    scrub from any to <vpn_networks>max-mss 1380

    PFSENSE 2.1.4

    table <vpn_networks>{ 10.64.224.177 10.120.163.0/24 10.120.167.0/24 10.120.168.0/24 10.120.169.0/24 10.120.170.0/24 }
    scrub from any to <vpn_networks>max-mss 1380
    scrub from <vpn_networks>to any max-mss 1380

    My IPSEC IP is 10.64.224.177.

    I have upgrade pfsense to 2.3.1

    How to increment on shell the table vpn_networks adress ip computer ?</vpn_networks></vpn_networks></vpn_networks></vpn_networks></vpn_networks>

    0
  • W

    I resolved:
    manually add on the file  /etc/inc/filter.inc

    on line 781 my ip adress:

    $aliases .= "table <vpn_networks>{ 10.64.224.177 $vpns_list }\n";

    And i clicked save buton on Ipsec advanced configuration to validate the configuration

    I ask correction in ipsec for this!</vpn_networks>

    0
  • Rebel Alliance Developer Netgate

    Where exactly is 10.64.224.177 defined? In an IPsec Phase 2 entry?

    0
  • W

    @jimp:

    Where exactly is 10.64.224.177 defined? In an IPsec Phase 2 entry?

    Yes phase 2 entry in ipsec.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy