Invalid Packet Size

zappu
zappu Posts: 27  Freshman Member
First Anniversary Friend Collector First Comment Zyxel Certified Network Administrator - Security
edited April 2021 in Security

Dear users,


I have an issue, I have at home a Zywall USG100-PLUS and I'm trying to connect via SSL VPN, with SecuExtender, but is not working. Every time I receive this error: SSL tunnel receives a packet with invalid packet size.


Can someone help me with this issue ?


Thank you


Kind regards,

Alex

«1

All Replies

  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited August 2019

    Are you using the newest SecuExtender and firmware 3.30(AACV.7)C0 ?

    Maybe try changing your MTU

    Or set your NIC to disable jumbo frame.

  • zappu
    zappu Posts: 27  Freshman Member
    First Anniversary Friend Collector First Comment Zyxel Certified Network Administrator - Security

    Hello Peter,

    Sorry for my late reply. As a Firmware Package it shows me these:

    Boot module: 1.17

    Current version: V3.30(AACV.6)

    Do I need to have 3.30 (AACV.7) ? As for SecuExtender, yes I have the latest for SSL VPN.

    The part of MTU or NIC where I can find it ?


    Thank you

    Regards,

    Alex

  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited August 2019

    In windows try this in CMD run as admin

    netsh interface ipv4 set interface "Local Area Connection" mtu=1492

    check here that its done

    if you run SecuExtender in your LAN to USG100-PLUS does it connect fine?

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @zappu

    Welcome to Zyxel Community. ?

    The SeueExtender establish tunnel via virtual NIC ”Tap-Windows Adapter V9 for Zyxel SecuExtender”.

    Can you post your MTU value on that virtual NIC?


    Control panel > Network and Internet Connection > Network connection 

    click “configure ” to see the MTU value.


  • zappu
    zappu Posts: 27  Freshman Member
    First Anniversary Friend Collector First Comment Zyxel Certified Network Administrator - Security

    Dear guys,

    Here is the picture from my friend and it seems, it doesn't work also with modifications.


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @zappu ,

    Can you send me your configuration file via private message. 

    Let me have a quick lab test with your configuration file.

  • zappu
    zappu Posts: 27  Freshman Member
    First Anniversary Friend Collector First Comment Zyxel Certified Network Administrator - Security

    Hi @Zyxel_Cooldia,

    I sent you via private message the both files that I have in my router.

    Anyway yesterday night when I test it, I mean 1st I modified in my router on WAN from 1500 to 1400 and my Internet goes down and then I put it back to 1500. As for LAN when I modified from 1500 to 1400, 1392, 1370, 1300 or 1000, it works to connect to my LAN, but after 18 seconds he disconnected automatically and on my logs I received same error as the 1st one that I have put in my 1st message.

    I hope you can help me with this issue :).

    Thank you

    Regards,

    Alex

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @zappu ,

    As I remote check, the settings is good, and the tunnel uptime is around 20 minutes after I establish SSL VPN tunnel. Can you try to connect SecuExtender again with other pc?

  • zappu
    zappu Posts: 27  Freshman Member
    First Anniversary Friend Collector First Comment Zyxel Certified Network Administrator - Security

    Dear Chen,

    I made the tests and it seems is not working.

    Please find attached the pictures from my friend and also from my router.

    What we can do ??

    Thank you

    Regards,

    Alex


  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @zappu ,

    It may need to remote check on your SecuExtender client, I will contact you via private message.

Security Highlight