From: Nate Carlson (natecars_at_natecarlson.com)
Date: Thu Oct 10 2002 - 19:33:39 CEST
On Thu, 10 Oct 2002 mlafon_at_arkoon.net wrote:
> In fact, some replies have reached the remote host because we have
> established an ISAKMP SA.
Yeah, I looked closer at the logs (on both the Linux gateway and in SSH
Sentinel) and saw that there was indeed some exchange.)
> But i see retransmissions and an ICMP error message (Type 11 - Code 1 ==
> Time Exceeded / Fragment Reassembly Time Exceeded).
>
> Perhaps the GPRS router has problems with fragmentation. Do you use x509
> ? Do you know the PMTU (Path MTU) when using GPRS ?
Yes, I'm using X.509. Any idea how to get the PMTU out of WinXP? I'm using
an infrared link between a laptop and a Ericsson T68m.
> Try to launch 'tcpdump -n port 500 or icmp' to have more informations on
> when/why it fails.
Good idea, I'll see what I can do once I get time to reboot my laptop to
Windows again. :) Thanks for the tips! (Actually, I'll have to update
FreeS/WAN et. al. on my laptop to support NAT-T.. then I can test from a
real os. Yay!)
------------------------------------------------------------------------
| nate carlson | natecars_at_natecarlson.com | http://www.natecarlson.com |
| brainbench mvp for linux admin -- http://www.brainbench.com |
| Depriving some poor village of its idiot since 1981 |
------------------------------------------------------------------------
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Fri Oct 11 2002 - 05:20:24 CEST