WinXP/FreeBSD - IPSec Tunnel Over Wireless (MTU Problems?)

From: James Snow (snow_at_teardrop.org)
Date: 11/29/03

    Date: Sat, 29 Nov 2003 12:21:05 -0500
    To: freebsd-questions@freebsd.org
    
    

    At this point, my problem is more with XP than with FreeBSD,
    so this isn't really the proper forum for this question. But
    I figure I can't be the first person who's tried to do this,
    so maybe someone here can point me in the right direction.

    I have a 4.9-S box with a Netgear MA311 wireless card and
    a laptop running XP with a Netgear MA521. The 4.9-S box is
    connected to the Internet via DSL, and acting as a NAT'ing
    router for the other devices in my apartment, including the
    wireless interface.

    My goal was to encrypt all traffic passing between the
    laptop and the FreeBSD box, whether the traffic was destined
    for the router or for a host on the Internet. Since WEP has
    been shown to be of little value, I decided to do this via
    an IPSec tunnel. Through some amalgamation of guides found
    through Google, I actually got IPSec up and running between
    the laptop and the FreeBSD box. I'm still having a few small
    problems (the SA needs some prodding from both ends to come
    up) but those I'm sure I can figure out. tcpdump even
    confirms that all traffic is going over the tunnel; it sees
    only ISAKMP and ESP traffic.

    My principal problem is this: Loading web pages such as
    news.google.com hangs just about all network I/O. My
    SSH sessions hang, web pages will no longer load but,
    inexplicably, I can still ping anything local or remote.
    Eventually things will come back, but interactive sessions
    such as SSH are usually toast by then.

    Since web pages reliably manifest the problem, I figure it
    has to be an MTU issue. However, if it's an MTU issue, then
    large pings should also fail. But I can send pings that
    even exceed the Ethernet MTU without issue. I've tried a
    couple different registry key settings for lowering the MTU,
    but no luck so far.

    Has anyone else set something like this up? Did you run into
    any problems like this? Did you find a solution?

    -Snow
