Skip to main content

VPN Fragmentation

(2017-04-12)

Problem

VPN throughput is slow and you suspect fragmentation.

Solution

You can influence the MSS (Maximum Segment Size) passed through the VPN by adding qualifiers to the policies governing traffic flow through the VPN.

You can only do this from the cli at present.

eg:

# config firewall policy
# edit <number>
# set tcp-mss-sender 1355
# set tcp-mss-receiver 1355
# next
# end