Problem with openconnect and NAT for HTTP requests
David Woodhouse
dwmw2 at infradead.org
Thu Jan 12 05:08:57 EST 2012
On Thu, 2012-01-12 at 10:06 +0000, Mark Round wrote:
> You are a genius. Thank you so much! That fixed it. Set MTU to 1200 on
> all interfaces, and we're rocking now. I'm sending you a virtual beer :)
Some moron is blocking ICMP on your network. You have a workaround
(iptables can clamp the MSS), not a fix.
No need for beer. Instead do me — and the whole world — a favour by
finding out where and why ICMP is blocked, and fixing it.
A little percussive education is sometimes needed, but it's worth it to
stop this brain damage from spreading ☺
--
dwmw2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5818 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20120112/210830c3/attachment-0001.bin>
More information about the openconnect-devel
mailing list