In some situations you may not be able to access the admin web page (http/https) of the remote router over an IPsec VPN tunnel. This usually occurs when the VPN tunnel is established over a fixed wireless broadband connection or over a 3G or 4G broadband connection.  The reason this happens is that fixed wireless and 3G/4G broadband use smaller packet sizes for data transmission. The default packet size that IPsec uses is too large resulting in this error.


To resolve this you will need to adjust the MTU packet size for IPsec data.

Telnet to each router at each end of the VPN tunnels.

Use command below to change the MTU packet size for IPsec.


vpn mss set 3 1250

3: connection type (IPsec)

1250: packets size