IPSEC tunnel not reliable

  • My IPSEC tunnel between 2 pfSense 2.3.3 boxes works.
    I can ping the other site, RDP into some servers at the other side. Life looks good.
    One Win2012R2 server keeps complaining with 'Internal error' when starting a TS session. Others do not.
    NFS traffic keeps failing.
    File transfers often fail.

    The logs show no error whatsoever. All seems good.
    All these problems do not occur when accessing the remote site with a mobile IPSEC connection (aggressive mode, AES256, SHA1, DH2).

    Can it be that some kind of encryption interferes with the main mode IPSEC tunnel (AES256, SHA256, DH5)?

  • Did you clamp the MSS at 1300 under advanced settings on both sides? This helps a lot with RDP and other finicky protocols, and increases speed a lot.

  • That worked! Thanks :)
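
The arithmetic behind the MSS clamp suggested above, as an added example that is not from any of the posters. It assumes IPv4 headers without options, a 1500-byte path MTU, AES in CBC mode and the 16-byte truncated HMAC-SHA2-256 ICV for the tunnel's AES256/SHA256 proposal; the function names are illustrative.

```python
# Added example: ESP tunnel-mode packet sizes for AES-CBC + HMAC-SHA2-256.
# Assumptions (not from the thread): IPv4 without options, 1500-byte path MTU,
# AES-CBC (16-byte IV and block), 16-byte ICV (HMAC-SHA2-256-128, RFC 4868).
IPV4_HDR = 20
TCP_HDR = 20
UDP_HDR = 8        # only present with NAT-T (ESP in UDP)
ESP_HDR = 8        # SPI + sequence number
ESP_TRAILER = 2    # pad-length byte + next-header byte
AES_BLOCK = 16
AES_CBC_IV = 16


def esp_outer_size(inner_len, icv_len=16, nat_t=False):
    """Size on the wire of one inner IP packet after ESP tunnel encapsulation."""
    plaintext = inner_len + ESP_TRAILER
    padded = -(-plaintext // AES_BLOCK) * AES_BLOCK   # round up to a full block
    size = IPV4_HDR + ESP_HDR + AES_CBC_IV + padded + icv_len
    return size + (UDP_HDR if nat_t else 0)


def max_inner_packet(path_mtu=1500, icv_len=16, nat_t=False):
    """Largest inner IP packet that still fits the path MTU unfragmented."""
    room = path_mtu - IPV4_HDR - ESP_HDR - AES_CBC_IV - icv_len
    if nat_t:
        room -= UDP_HDR
    if room < AES_BLOCK:
        raise ValueError("path MTU too small for this ESP configuration")
    return room // AES_BLOCK * AES_BLOCK - ESP_TRAILER


def max_safe_mss(path_mtu=1500, icv_len=16, nat_t=False):
    """Largest TCP MSS whose full-size segments need no fragmentation."""
    return max_inner_packet(path_mtu, icv_len, nat_t) - IPV4_HDR - TCP_HDR


def clamp_fits(mss, path_mtu=1500, icv_len=16, nat_t=False):
    """True if a full segment at this MSS stays within the path MTU."""
    return esp_outer_size(mss + IPV4_HDR + TCP_HDR, icv_len, nat_t) <= path_mtu


if __name__ == "__main__":
    for mss in (1460, 1398, 1300):
        outer = esp_outer_size(mss + IPV4_HDR + TCP_HDR)
        print(f"MSS {mss}: outer packet {outer} bytes, fits 1500: {clamp_fits(mss)}")
    print("max safe MSS, plain ESP:", max_safe_mss())
    print("max safe MSS, NAT-T:    ", max_safe_mss(nat_t=True))
```

Under these assumptions an unclamped 1460-byte MSS produces 1564-byte outer packets, while a clamp of 1300 yields 1404 bytes and leaves headroom for NAT-T or a smaller link MTU such as PPPoE.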
