Looking for a push in the right direction with my VPN.... (fwd)

Sandy Harris sandy at STORM.CA
Wed Aug 2 16:57:22 EDT 2000


"DePriest, Jason R." wrote:
>
> I have a similar issues that I would like some opinions on.
>
> We are using PowerVPN 6.5 running on a Windows NT system.  The MTU at the
> router is set to allow standard ethernet 1500.  And, of course, the client
> operating systems (Windows 9x and Windows NT) automatically set the don't
> fragment flag on the ESP traffic.

Are you saying Microsoft ignore RFC 2401, page 48?

	".. an administrator should be able to configure .. treatment of
	the DF bit (set, clear, copy from encapsulated header) for each
	interface"

If so, complain to their tech support.

> The problem is this, when using a dial-up connection with a default MTU 576,
> I have no problems.  I can use Outlook 2000 to access my Exchange email, I
> can NET USE to map to shared resources, I can use IE5.01SP1 to access the
> Intranet, and I can use the SNA client to access mainframe sessions.
> When trying to through Road Runner with my cable modem, however, things
> change.  Name resolution has a tendency to fail.  My Outlook 2000 only stays
> up for about 60 seconds and then it locks up.  NET USE says "The network
> name is no longer available."  I can access the Intranet, but only by IP
> address and not by regular URL.  SNA client tells me it cannot establish a
> connection.
>
> Any ideas?  Think this is also an MTU issue?  Or could it be something else?

It sounds more like a DNS issue. IP addresses work, but names don't, so I
would suspect broken name lookup mechanisms.

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list