VPN Connection through pfSense
I have a setup like this:
Client1 as a part of my LAN - OS: Win7, VPN Software: ShrewSoft
Server 1 in WAN - it's a Lancom 1781vaw
Now when I start the connection it ends with a timeout (in ShrewSoft Access Manager):
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
remote id configured
server cert configured
client cert configured
client key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon
In the ShrewSoft Debugger this appears 4 times:
16/11/14 22:26:21 ii : fragmented packet to 1394 bytes ( MTU 1380 bytes )
16/11/14 22:26:21 ii : fragmented packet to 1394 bytes ( MTU 1380 bytes )
16/11/14 22:26:21 ii : fragmented packet to 414 bytes ( MTU 1380 bytes )
16/11/14 22:26:21 -> : resend 1 phase1 packet(s) [2/2]
Those packets are also routed to WAN (checked with Packet Capture on LAN and WAN).
I've found something strange:
I enter an MTU in ShrewSoft, and netsh interface ipv4 show interfaces shows me that the MTU still remains at 1500. Then I try with ping -l1500 and it doesn't work -> 1400 works! So I changed the MTU in the Windows Registry to 1380.
I don't have access to the log files from the server.
But this doesn't help... Do you have any ideas? Can you help me?
Removing the cross in this field works (System - Advanced - Firewall):
Disable Firewall Scrub: Disables the PF scrubbing option which can sometimes interfere with NFS traffic.