[Vpn-help] 2.1.5-release and Windows 7 64bit

Rick Kline mondhaschen at gmail.com
Mon Dec 14 12:03:22 CST 2009 

Hi All

A big thanks to Mr. Grooms.

Setting the MTU correctly for my ISP connection worked. Setting the
MTU in the site config only partially worked. I had to use regedit and
set the MTU for the Shrew interface adapter as well.

If you want a more detailed explanation let me know, I used ping,
netsh and regedit.
Could you possibly make setting the MTU part of the preference menu
under the Access Manager?

Thank you

Rick

2009/12/12 Matthew Grooms <mgrooms at shrew.net>:
> Rick Kline wrote:
>>
>> Hi All,
>>
>> I work from home and I'm using 2.1.5-release on Windows 7 64bit. I
>> have a Cisco ASA IPSEC VPN that I connect to.
>> I can connect with shrew and use putty to login to a server, but that
>> is it. As soon as I try another command putty hangs.
>> If I try and connect to one of my tomcat manager pages with IE or FF
>> it stalls and eventually times out.
>>
>> 2 other guys I work with (work at home also), both have w7 64bit, both
>> use 2.1.5-release, both connect to the same
>> Cisco vpn and both can quite happily work all day long on the vpn.
>> I compared my machine to theirs, used their *.vpn and *.pcf files.
>>
>> I thought it might be my ADSL router, I installed the 2.1.5-relase on
>> my XP box and it works ok, I installed the linux
>> 2.1.5-release on my FC11 box and it works ok. I can access via
>> putty/ssh and IE or FF anything on the vpn via these two machines.
>>
>> I tried a fresh install of w7 64bit, ran updates, turned off the
>> windows firewall and installed the 2.1.5-release and putty as the only
>> software.
>>
>> Still the same behaviour, the vpn connects, I can ping a machine on
>> the vpn all day... but when use putty or try and access to the vpn
>> with IE or FF, nothing works and times out.
>>
>> I used the VPN Trace app, the only thing I could see that looked out
>> of order was under the IPSEC Service tab...
>>
>> ignoring ARP request for 192.168.33.1, no policy found (default
>> gateway on the ASA)
>> ignoring ARP request for 192.168.33.150, no policy found (one of our
>> dev tomcat servers)
>> ARP packet has invalid header
>> failed to locate security policy by id XX
>>
>
> Try reducing the virtual network adapter MTU in your site configuration.
> This is sometimes required depending on your internet service provider.
>
> -Matthew
>

More information about the vpn-help mailing list