Hello guys,
we are facing an issue with remote access VPN and WSL2. The problem is in packet fragmentation. When a TCP packet is originated directly from the windows system it has the correct Maximum segment size value (1310). But when the packet is originated from WLS2 it has MSS 1460. The packet fragmentation does not work and for example, TSL session will fail.
We are fixing it with this workaround script in WSL.
#/bin/bash
ADVMSS=1310
DEFAULT_ROUTE=$(ip route | grep "default")
ip route del $DEFAULT_ROUTE
ip route add $DEFAULT_ROUTE advmss $ADVMSS
:
if ip route | grep -q "advmss $ADVMSS"; then
echo "MSS is ok"
else
echo "MSS is not ok"
fi
Is anyone having the same issue? What is your solution?
| User | Count |
|---|---|
| 26 | |
| 19 | |
| 19 | |
| 17 | |
| 10 | |
| 8 | |
| 8 | |
| 8 | |
| 6 | |
| 6 |
Wed 20 Nov 2024 @ 05:00 PM (CET)
Under the Hood: DO NOT Renew your WAF without watching THIS!!Wed 20 Nov 2024 @ 02:00 PM (MST)
Denver South: Infinity External Risk Management and Harmony SaaSThu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSMon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyWed 20 Nov 2024 @ 05:00 PM (CET)
Under the Hood: DO NOT Renew your WAF without watching THIS!!Mon 25 Nov 2024 @ 02:00 PM (EST)
(Americas) AI Series Part 3: Maximizing AI to Drive Growth and EfficiencyTue 26 Nov 2024 @ 03:00 PM (CET)
Navigating NIS2: Practical Steps for Aligning Security and ComplianceTue 26 Nov 2024 @ 05:00 PM (CET)
Discover the Future of Cybersecurity: What’s New in Check Point’s Quantum R82Wed 20 Nov 2024 @ 02:00 PM (MST)
Denver South: Infinity External Risk Management and Harmony SaaSThu 21 Nov 2024 @ 02:00 PM (MST)
Denver North: Infinity External Risk Management and Harmony SaaSTue 03 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 1: Cloud Risk Management WorkshopWed 04 Dec 2024 @ 10:00 AM (GMT)
UK Community CNAPP Training Day 2: Cloud Risk Management Workshop
