TechSpot

VPN Problems

By jonnyboy
Oct 12, 2004
  1. Hoping someone can shed some light on this!

    I have my work laptop with Netscreen Remote installed, connected directly to the Linksys router via 1 of the hard wired network ports.

    I can connect to the VPN at work, and I can ping a number of devices/servers, and I can connect to a UNIX server via Telnet, I can surf the web and I can browse the company intranet - no problems there

    The problems arise when I try to connect to the mail server using Outlook - it just sits there displaying the "Requesting Data" dialog box and never actually makes it to my inbox/calendar etc. I can ping the mail server so there appears to be no connectivity or routing problem. It also seems, if you wait long enough (>15 mins) that it starts to get to the inbox.

    In contrast, if I go back to my old Alcatel DSL modem, attach it to the laptop via USB - everything works, no problems, and hardly any slower than being directly connected to the office LAN!

    I suspect, based on endless reading, that the problem may lie with a mis-matched MTU setting on either the Laptop or the router - but I have tried adjusting the MTU on the Router, no joy and don't really want to mess with the LAN adapter on my work laptop in case it doesn't work when I get back to the office!

    Does anyone, have anything even remotely helpful to suggest? I am completely vexed, and in the past nothing has beaten me for this long! It's been months of trying, playing, leaving it, coming back ... repeat etc etc.

    In desperation ... Jon
     
  2. Nodsu

    Nodsu TS Rookie Posts: 9,431

    The MTU setting can be changed in Windows registry. It will not render your Windows unusable so you can always change it back.

    In registry go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

    Find the subkey that matches your network adapter and add a new DWORD value called "MTU" with a decimal value of 1400 or less.
     
  3. jonnyboy

    jonnyboy TS Rookie Topic Starter

    Why do you suggest <1400?

    I am trying at the moment - thanks!

    - Jon
     
  4. jonnyboy

    jonnyboy TS Rookie Topic Starter

    EXCELLENT!

    MTU set to 1418 - email works with no dramas!

    THANK YOU!

    - Jon
     
  5. jonnyboy

    jonnyboy TS Rookie Topic Starter

    ok ....

    In the registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic
    es\Tcpip\Parameters\Interfaces

    I changed value of DWORD 'MTU' to 1418

    hey presto ... it worked!!

    Thanks!

    Jon
     
  6. Nodsu

    Nodsu TS Rookie Posts: 9,431

    In my really uneducated guess.. Someone who knows better could ecplain it.
    The default ethernet MTU is 1500. VPN encapsulation is bigger than the default ethernet encapsulation so you get packets which are larger than 1500 and thus you break things that expect to have neat 1500 byte packets.

    I figured this out when we had troubles getting VNC to to run over the WAN at work - it would display only a small corner from upper left of the screen and then hang. The MTU that would work for us was 1432. I suggested < 1400 to be on the safe side.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.