How To Disable TCP-MSS (Minimum Segment Size) Adjust for VPN Traffic

Description

SonicWall allow users to change the default MSS for VPN traffic with enabling the option do not adjust TCP MSS option for VPN traffic in the diag page, then MSS should be determined by the end points in the TCP three-way handshake. 

Resolution

  1. Get the Hidden Diag page:

Log in to SonicWall, and instead of "main.html" use "diag.html" (for example when the device has an IP address 192.168.1.1 go to https://192.168.1.1/diag.html).

Image

  1. Then click on "Internal Settings" and scroll down to VPN settings.

Image 

       3: Check Do not adjust TCP-MSS (Minimum Segment Size) option for VPN traffic.

Image

  1. Click Accept at the top of the page and click close.

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community