SonicWall VPN says Fragmented Packet Dropped

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
Scott Moseman's Avatar (by Gravatar) posted on
October 31, 2006, 6:44 pm
rate this thread
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print
SonicWALL Firmware 5.1.7.0

When I attempt to connect to the VPN, I'm getting the error message
"Fragmented Packet Dropped" in the device logs.  I tested this from my
client behind a Cisco ASA at the office, and a Linksys SOHO device from
a neighbor's house.  Same error message both times.

I *do* have the "Allow Fragmented Packets" option on "Over IPSec"
checked, which I thought would have been the solution.  But having that
option selected does not appear to make any difference.

Any ideas where I go from here?

Thanks,
Scott

Other Related Threads
Scott Moseman's Avatar (by Gravatar) posted on
November 3, 2006, 9:14 am
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print

Re: SonicWall VPN says Fragmented Packet Dropped

No ideas from anyone?  Should I sniff the packets?  If I do, is there
even anything I'm going to find out from those packets if I do go about
collecting them?  I imagine that it'll only confirm that the packets are
fragmented, and not necessarily showing me how to resolve it.

Thanks,
Scott


Scott Moseman wrote:
 >
 > SonicWALL Firmware 5.1.7.0
 > When I attempt to connect to the VPN, I'm getting the error
 > message "Fragmented Packet Dropped" in the device logs.  I
 > tested this from my client behind a Cisco ASA at the office,
 > and a Linksys SOHO device from a neighbor's house.  Same error
 > message both times.
 >
 > I *do* have the "Allow Fragmented Packets" option on "Over
 > IPSec" checked, which I thought would have been the solution.
 > But having that option selected does not appear to make any
 > difference.
 > Any ideas where I go from here?
 >
 > Thanks,
 > Scott

Other Related Threads
Simon's Avatar (by Gravatar) posted on
November 5, 2006, 5:29 am
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print

Re: SonicWall VPN says Fragmented Packet Dropped

Scott Moseman wrote:

Tried dropping the mtu size on the PC so that the packets don't get
fragmented ?
simon


 
Scott Moseman's Avatar (by Gravatar) posted on
November 6, 2006, 2:25 pm
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print

Re: SonicWall VPN says Fragmented Packet Dropped

So the reason for the fragmented packets is, potentially, due to the MTU
size on my PC being larger than the MTU along the path somewhere?  I
will play with that and see what I can break.

Thanks,
Scott


Simon wrote:

 >


 
Simon's Avatar (by Gravatar) posted on
November 7, 2006, 11:50 am
Permalink
Reply to this post Reply Tag this thread to save it in your account Save Printer-friendly version of this post Print

Re: SonicWall VPN says Fragmented Packet Dropped

Scott Moseman wrote:

how did you get on ? I found in the past that some applications (Lotus
Notes was a common one) would use the largest packet they could, by the
time it's been wrapped up in the security etc it always needed
fragmentation. Might be worth checking that icmp messages are turned on
the vpn router - these should tell the client to reduce the mtu.
simon

Other Related Threads

Site Timeline