OpenConnect ignores the gateway's proposed MTU

David Woodhouse dwmw2 at
Fri Feb 15 09:28:15 EST 2013

On Fri, 2013-02-15 at 15:21 +0100, Michael Helmling wrote:
> when connecting to a VPN server with OpenConnect, the MTU on the created 
> tun interface is too high (1418) and TCP connections are broken as soon 
> as large packages are transmitted. The gateway operator told me that the 
> gateway sends a MTU of 1330 which is also what the Cisco AnyConnect 
> client sets on the cscotun0 interface. Manually setting the MTU to 1330 
> on OpenConnect's interface fixes all problems.

Please could you send me a log of OpenConnect (preferably 4.08 or 4.99)
doing the wrong thing, with the '-v' argument?

Can you make sure you have an up-to-date version of vpnc-script which
honours the $INTERNAL_IP4_MTU environment variable?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6171 bytes
Desc: not available
URL: <>

More information about the openconnect-devel mailing list