
#1 Today 08:31:49

miboco
Member
Registered: 2025-01-30
Posts: 11

Problems with an Arch Linux workstation on a site-to-site VPN tunnel

Hi everybody,
we have a problem with an Arch Linux workstation on a site-to-site VPN tunnel to one of our customers. The customer has finally dropped his old OpenBSD firewall for a Netgate box, and with that we changed the existing site-to-site tunnel from IPSecv1 to IPSecv2. Our Mac, Windows and iOS devices are running fine through the tunnel, but we have trouble with our Arch boxes:
Ping: OK
imap & smtp: OK
smb: downloads: OK, uploads: timeout
https: timeout during tls handshake
ssh: timeout
Remote desktop protocols: timeout
We had already posted this problem on the Netgate forums, but after three weeks without any replies we hope that somebody here can help with some insight...

Best regards,

Mike


#2 Today 10:53:33

-thc
Member
Registered: 2017-03-15
Posts: 1,088

Re: Problems with an Arch Linux workstation on a site-to-site VPN tunnel

Best guess: Path MTU with the new tunnel is broken.

Try

ping -4 -s 1492 archlinux.org

That will probably fail.

Reduce the payload value drastically (1450 or 1420). If the ping goes through, gradually raise the value until you pinpoint the exact value beyond which no ping will go through. Add 8 to that value and you have the MTU for that tunnel - configure the Arch network connection accordingly.

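The probe described in the reply above, automated as a binary search, as an added example (not code from any poster in this thread). It assumes the iputils ping shipped on Arch and adds -M do so the Don't-Fragment bit stays set on every probe; the function names pmtu_search and payload_to_mtu and the script name are invented here. The conversion from payload to MTU adds the 20-byte IPv4 header and the 8-byte ICMP header to the payload size.

```shell
#!/bin/sh
# pmtu-probe.sh: find the largest ICMP payload that crosses a path unfragmented,
# then derive the path MTU. Added example, not from the thread.
# Usage: sh pmtu-probe.sh <host> [low] [high]

# probe SIZE: one ping, IPv4 only (-4), Don't-Fragment set (-M do),
# SIZE bytes of ICMP payload (-s), one attempt with a 1 s reply timeout.
# Returns 0 if the echo reply came back. Assumes iputils ping.
probe() {
    ping -4 -M do -s "$1" -c 1 -W 1 "$PROBE_HOST" >/dev/null 2>&1
}

# pmtu_search LOW HIGH: binary search for the largest payload in [LOW, HIGH]
# for which probe succeeds. LOW is checked first; if even LOW fails the
# function returns 1 and prints nothing.
pmtu_search() {
    low=$1
    high=$2
    probe "$low" || return 1
    while [ "$high" -gt "$low" ]; do
        mid=$(( (low + high + 1) / 2 ))
        if probe "$mid"; then
            low=$mid            # mid passed: the answer is at least mid
        else
            high=$(( mid - 1 )) # mid dropped: the answer is below mid
        fi
    done
    echo "$low"
}

# payload_to_mtu PAYLOAD: ICMP payload + 8-byte ICMP header + 20-byte IPv4 header.
payload_to_mtu() {
    echo $(( $1 + 28 ))
}

main() {
    PROBE_HOST=$1
    low=${2:-1000}
    high=${3:-1500}
    payload=$(pmtu_search "$low" "$high") || {
        echo "even $low bytes of payload did not get through; lower the start value" >&2
        return 1
    }
    echo "largest unfragmented ICMP payload: $payload bytes"
    echo "path MTU: $(payload_to_mtu "$payload") bytes"
}

# Only probe a real host when invoked with arguments.
if [ $# -gt 0 ]; then
    main "$@"
fi
```

Run it as `sh pmtu-probe.sh <host-behind-the-tunnel> 1000 1500`; the printed path MTU is the value to set on the Arch side (for a quick test, `ip link set dev <iface> mtu <value>`, then make it permanent in the connection profile). A large DF-flagged packet that vanishes without any reply, rather than answering with "Frag needed", is the usual sign that ICMP "fragmentation needed" messages are being filtered somewhere on the path, which breaks path MTU discovery for every client; letting those ICMP messages through fixes the root cause, while lowering the MTU only works around it on the hosts you control.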

#3 Today 14:54:01

miboco
Member
Registered: 2025-01-30
Posts: 11

Re: Problems with an Arch Linux workstation on a site-to-site VPN tunnel

Hi -thc,
looks like a well-educated guess - the highest value for -s is 1400 on the Arch box. Will try to edit the configuration in the next few days and report back if the problem is fixed.

Best regards,

Mike



Powered by FluxBB