Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN functionality issues with different applications 1

Status
Not open for further replies.
VTALsupport

VTALsupport

IS-IT--Management
Aug 19, 2008
2
US
I manage a VPN WAN using Nortel COntivity 221 and 1010 routers. After moving our hub recently I have one site that pulls up the VPN but will not function normally in all applications. E-mail doesn't work at all across the VPN, and Remote Desktop works partially; it begins to load the screen but never gets to the login screen. The router gives me this message:

08/18/2008 11:02:41 0 PPPoE [02] Dropping PPPoE tx packet on devLoc 257 because the packet length 1502 exceeds the max 1494
08/18/2008 11:02:28 0 PPPoE [02] Dropping PPPoE tx packet on devLoc 257 because the packet length 1502 exceeds the max 1494
08/18/2008 11:02:21 0 PPPoE [02] Dropping PPPoE tx packet on devLoc 257 because the packet length 1502 exceeds the max 1494

The MTU and MSS settings are identical to all our other routers, which are functioning normally.

I can ping the computers at this location, and can also open the management interface on the router, but these other functions, which require different ports, don't work any more.

Any ideas?

 
Sort by date Sort by votes
They look like extra data in the IP header, like VLAN tagging. Either do an extended ping with the df bit set to determine the MTU, or adjust the mtu and mss lower than 1494 (like 1492 for mtu and 1452 for mss).

Burt
 
Upvote 0 Downvote
THanks to Burtsbees for this suggestion. It was so simple, but when I had experimented in the past I had tried INCREASING the MTU setting, thinking that what I was doing was allowing slightly larger packets to come through. It didn't occur to me that REDUCING the packet size would allow it to process correctly through other checkpoints. Everything is running as it should!


VTALsupport
 
Upvote 0 Downvote
Well, with TCP's functionality with sequence numbers, it is able to put packets back together when fragmented, so really any size can go through. You just don't want to overload the router by setting it too low, like 8...lol.

IP is 1492, unless there's extra data. VLAN tagging is just one example. Another tool that is a free download is called TCPDoctor (I think), which you can use to tweak MTU on a pc as well.
Glad it's working!

Burt
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

teknance
  • Locked
  • Question
Discovering Portugal: Uncover Hidden Destinations and VPN Solutions
Replies
5
Views
568
GlobeTrekkerGal
GlobeTrekkerGal
sarahz2
  • Locked
  • Question
Best vpn safe and fast
Replies
4
Views
408
GlobeTrekkerGal
GlobeTrekkerGal
MP2023
  • Locked
  • Question
How to Create an site to site VPN
Replies
1
Views
345
sircles
sircles
ramblingrebel
  • Locked
  • Question
Built-in Windows 10 VPN
Replies
1
Views
316
Joon Smith
Joon Smith
LearningNetworking
  • Locked
  • Question
Linking Hosts on the same subnet via VPN
Replies
0
Views
376
LearningNetworking
LearningNetworking

Part and Inventory Search

Sponsor

Back
Top