Home Page › Forums › Network Management › Signal a BUG › ZS version 3.3.x breaks internet access through PPTP VPN › Reply To: ZS version 3.3.x breaks internet access through PPTP VPN
small MTU broke packets,
in version 3.7.1 only 40-50% sites work fine (for pptp clients), another sites not work. And for openvpn mobile client, 50% sites not work if encryption enabled (in my network).
3 way to resolve problem:
1)script in zeroshell sheduler, every 1 min:
iptables -t mangle -I FORWARD -p tcp –tcp-flags SYN,RST SYN -j TCPMSS –clamp-mss-to-pmtu
2) decrease MTU for zeroshell LANWAN and client computers:
3) disable MPPE encryption for PPTPl2tp:
config example in page №3, need disable/enable some settings, and sites will be work fine.