SonicWall VPN says Fragmented Packet Dropped

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
SonicWALL Firmware 5.1.7.0

When I attempt to connect to the VPN, I'm getting the error message
"Fragmented Packet Dropped" in the device logs.  I tested this from my
client behind a Cisco ASA at the office, and a Linksys SOHO device from
a neighbor's house.  Same error message both times.

I *do* have the "Allow Fragmented Packets" option on "Over IPSec"
checked, which I thought would have been the solution.  But having that
option selected does not appear to make any difference.

Any ideas where I go from here?

Thanks,
Scott

Re: SonicWall VPN says Fragmented Packet Dropped
No ideas from anyone?  Should I sniff the packets?  If I do, is there
even anything I'm going to find out from those packets if I do go about
collecting them?  I imagine that it'll only confirm that the packets are
fragmented, and not necessarily showing me how to resolve it.

Thanks,
Scott


Scott Moseman wrote:
 >
 > SonicWALL Firmware 5.1.7.0
 >
 > When I attempt to connect to the VPN, I'm getting the error
 > message "Fragmented Packet Dropped" in the device logs.  I
 > tested this from my client behind a Cisco ASA at the office,
 > and a Linksys SOHO device from a neighbor's house.  Same error
 > message both times.
 >
 > I *do* have the "Allow Fragmented Packets" option on "Over
 > IPSec" checked, which I thought would have been the solution.
 > But having that option selected does not appear to make any
 > difference.
 >
 > Any ideas where I go from here?
 >
 > Thanks,
 > Scott
 >

Re: SonicWall VPN says Fragmented Packet Dropped
Scott Moseman wrote:
Quoted text here. Click to load it
Tried dropping the mtu size on the PC so that the packets don't get
fragmented ?
simon

Re: SonicWall VPN says Fragmented Packet Dropped
So the reason for the fragmented packets is, potentially, due to the MTU
size on my PC being larger than the MTU along the path somewhere?  I
will play with that and see what I can break.

Thanks,
Scott


Simon wrote:
Quoted text here. Click to load it
 >

Re: SonicWall VPN says Fragmented Packet Dropped
Scott Moseman wrote:
Quoted text here. Click to load it
Hi,
how did you get on ? I found in the past that some applications (Lotus
Notes was a common one) would use the largest packet they could, by the
time it's been wrapped up in the security etc it always needed
fragmentation. Might be worth checking that icmp messages are turned on
the vpn router - these should tell the client to reduce the mtu.
simon

Site Timeline