PfSense 2.3 upgrade causing intermittent connection issues

  • We are running a pfSense C2758 with two WAN connections (PPPoE).

    Everything has been working fine until last week, when we upgraded the
    pfSense to 2.3 (from 2.2.6). Since then, staff have been complaining
    about intermittent connection timeouts/disconnects.

    It sounds to me like a path MTU discovery problem, and I've been trying
    to investigate the problem based on this assumption. I have lowered the
    MTU on a couple of the PCs in the office (from 1500 to 1452), and that
    seems to resolve the issue for those PCs, and appears to confirm my
    assumption regarding the cause.

    I have then lowered the MTU for the two PPPoE interfaces to 1452, in an
    attempt to work around the problem. Staff are now reporting that things
    are working normally again, with the exception of our IPSec link, which still
    seems to be experiencing intermittent connection timeouts.

    Can anyone shed any light on what changed between the versions that would
    have caused this?


  • Further to the above, we seem to have resolved the IPSec issue by lowering the MSS clamping to 1300 (from 1392).

    However, we're still left puzzled as to how this all worked fine under 2.2.6, and suddenly we need to be manually lowering packet size settings under 2.3.


Log in to reply