Filter
Top Products
Open Caveats
44
Release Notes for VPN Client, Release 4.0 through Release 4.0.5.D
OL-5450-10
The first command ensures that the target is reachable, and the second
determines whether fragmentation is an issue.
Workaround:
Step 1 Before opening the tunnel, bring down the MTU of the point-to-point interface to
the MTU of the rest of the path to the concentrator (generally 1500). This would
allow large packets to pass through, when using IPSec over UDP. No problems
exist when using normal IPSec or cTcp.
Step 2 Set IP Compression to “LZS” in the VPN Group on the Concentrator. This
decreases the size of the encrypted packet and might allow the smaller packet to
avoid fragmentation. If you are using NAT, switching the NAT method of the
client from cTCP (TunnelingMode=1) to UDP (TunnelingMode=0) might also
reduce the size of the packet.
• CSCdv62613
When you have multiple VPN Client connections behind Linksys Cable/DSL
router, the following problem can occur. Due to a Linksys problem with
firmware versions 1.39 and 1.40.1, making multiple VPN Client connections
enabling the feature “Allow IPSec over UDP” (transparent tunneling) may
cause data transfer problems.
Allow IPSec over UDP is a VPN Client feature that allows ESP packets to be
encapsulated in UDP packets so they traverse firewall and NAT/PAT devices.
Some or all of the clients may not be able to send data. This is due to a
Linksys port mapping problem, that Linksys has been notified of.
Workaround:
Use a newer version of Linksys code (higher than firmware version 1.40.1).
If you must use one of the problem versions, do not use the “Allow IPSec over
UDP” (transparent tunneling) feature when you have multiple VPN Client
connections behind Linksys Cable/DSL router.