Written by James McDonald

November 30, 2022

I was trialing a site-to-site IPSec VPN between an Azure two NIC PFSense intance and my UDM (See image)

I found that when I was trying to reach www.postfix.org with browser or ping I couldn’t. I thought it was something to do with have a PFSense / UDM s2s VPN

I tried changing MTU for the UDM to a number of different values but in the end the above was the solution.

But eventually I found that the problem was having IPS turned on. So I’ve turned DPI and IPS off in the UDM (Settings => DPI, Settings => Threat Management) and I no longer lose connectivity to postfix.org via http/s & ping

While Unifi offers enterprise features at just above commodity prices you might have to spend time tracing gremlins to get things working

James McDonald – 2022

Where to go to change MSS Clamping on a UDM

Devices => Select UDM => on Slide out panel select Gear Icon (Config) => Expand Advanced

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Clear HSTS Settings in CHrome

Open chrome://net-internals/#hsts enter the domain in the query field and click Query to confirm it has HSTS settings...

Ubuntu on Hyper-v

It boils town to installing linux-azure # as root or sudo apt-get update apt-get install linux-azure...