[ale] VPN+wireless is *really* slow

[Joe]

Hi folks,

I've finally taught my Linux firewall and my WinXP box to talk to each
other via IPsec over a wifi connection. Due to M$ idiocy, this
involves tunnelling PPP in an L2TP tunnel which is in turn being piped
through an IPsec tunnel; all this, as you might imagine, lends a whole
new meaning to the phrase "configuration nightmare". What fun. Only
took five days to get it right. But boy, when it started working I
just about jumped out of my pants.

However, I have a problem. My favorite thing to do with the XP box is
to fire up VNCviewer and use my Linux boxen remotely. But here I am
screwed, it seems. If I run the IPsec tunnel over a 10baseT
connection, or if I run wifi with no IPsec, VNC works fine. But if I
run my VNC session over IPsec+wifi, VNCviewer just sits there forever
saying, "Please wait, initial screen loading." Tcpdump reveals that
only a tiny fraction of the expected VNC traffic is actually leaving
the server (which, incidentaly, lives on my 10baseT LAN behind the
IPsec<-->wireless firewall).

I suspect this has something to do with MTUs and/or fragmentation, but
I could be wrong, and my clue supply has run out. Any help?

Thanks,

-- Joe Knapka
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale