rexy74
commented
8 years ago This issue is also describe on #301 The patch of Baligh GUESMI (gbaligh) seems to work. Thx
Closed rexy74 closed 8 years ago
rexy74
commented
8 years ago This issue is also describe on #301 The patch of Baligh GUESMI (gbaligh) seems to work. Thx
Hi, With coova 1.3.1.4 an issue was closed (fragmentation of some UDP packets). Great Nevertheless, an IPSEC VPN can't be established for an authenticated user with coova. We investigated and we saw that coova drops some inbound UDP big packets (from Internet to LAN of users). You can see that on the following picture (2 pcap files from each sides of coova). You can see that the 7th & the 11th frame of "wan-side-ipsec" are 'eaten' by coova. These frames come from Internet (78.98.27.22) and are never seen on LAN side ("lan-side-ipsec". In the other direction, all is ok. So the VPN can't be established because the certificate of the VPN HUB is never received. The VPN is natted on UDP 4500 (nat-traversal). All is ok wihout coova.
Thanks for your works PS : perhaps, this issue can enhanced the behaviour when coova is connected on an Gb NIC (all the jumbo frames are dropped).
Rexy - ALCASAR leader project (using coova of course)