[vpn-help] Require help with troubleshooting samba shares over ipsec
C.Hoffmann at ProSeS.de
C.Hoffmann at ProSeS.de
Mon Aug 30 03:20:09 CDT 2010
Hi Brett,
Best tool to hunt for MTU issues on Windows OS is mturoute (http://www.elifulkerson.com/projects/mturoute.php) with the "traceroute" switch -t. It will detect between which routers a MTU reduction takes place. In the case of VPNs you need to first check the public IP (remote gateway), and then private ones.
Clemens Hoffmann
________________________________________
Von: vpn-help-bounces at lists.shrew.net [vpn-help-bounces at lists.shrew.net] im Auftrag von Brett Morrison [bretmorr at hyne.com.au]
Gesendet: Montag, 30. August 2010 02:08
An: Matthew Grooms
Cc: vpn-help at lists.shrew.net
Betreff: Re: [vpn-help] Require help with troubleshooting samba shares over ipsec
Hi Matthew
Have given this another go from home on the weekend, appears that MTU
may be the issue. The 1500 byte ping does not work, dropping it below
1000 works though, so I am assuming the MTU is set too high on the
server?
I'll bounce this off of our app server hosting guys.
Cheers,
Brett
-----Original Message-----
From: Matthew Grooms [mailto:mgrooms at shrew.net]
Sent: Tuesday, 24 August 2010 2:16 PM
To: Brett Morrison
Cc: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] Require help with troubleshooting samba shares
over ipsec
On 8/20/2010 2:00 AM, Brett Morrison wrote:
> Hi Matthew
> Just an update on this situation.
> We have tried another couple of changes, but nothing seems to help.
> We have also tested Shrewsoft VPN 2.1.6 (as per your link) on a win XP
> sp3 machine, and this suffers the same problem.
> As noted previously this was not a problem with Juniper Netscreen
Remote
> Client, which connects to the same gateway, using the same user
> accounts. But I have never liked Netscreen...
> Do you have any other ideas at the moment?
Hi Brett,
Sorry for the delay. I have been extremely busy the last week. As for
your issue, here are a few more things to try.
1) Can the client host resolve the samba server using netbios or is it
only accessible using the IP address? If the latter is true, have you
tried manually adding an entry to the smhosts file and then trying to
access the samba share?
2) Can you ping the host using a 1500 byte packet size ( ping -l 1500
x.x.x.x )? If not, then this very well still be MTU related.
-Matthew
############################################################################################################
Attention:
Hyne and Son Pty Limited trading as Hyne Timber reserves the right to monitor all e-mail communications throughout its corporate network. This e-mail and any attachments are confidential and may be privileged in which case neither is intended to be waived.
If you are not the intended recipient (or responsible for delivery of the message to such person), any use, interference with, disclosure or copy of this material is unauthorised and prohibited.
If you have received this communication in error, please notify us immediately by return e-mail, and destroy the original communication.
This communication has been scanned and cleared by Hyne Timber's corporate virus scanning software, however it remains your responsibility to scan for viruses and other defects prior to use. Hyne Timber shall not accept any loss or damage caused directly or indirectly to you or any third party by this communication.
Any views or opinions presented are solely those of the sender, unless stated otherwise and the content may not necessarily represent the views of Hyne Timber.
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
http://lists.shrew.net/mailman/listinfo/vpn-help
More information about the vpn-help
mailing list