SSH session through an IPSec VPN tunnel freezes when command outputs longer text

I connect to a QNap NAS (Ubuntu 4.1.2) in the office through an IPSec tunnel established between two pfSense firewalls. This has worked fine for months. I recently replaced the NAS with a newer model and upgraded the firmware to the latest version. Ever since, when I connect via SSH and run anything that returns more than a few lines of text the SSH connection will die.

This means that it no longer responds to input and the terminal will never time out. The Enter-~-. sequence does not bring it back, either. For example, running ls in the root folder works fine, ls in the /etc/config folder will freeze the console. Running top will freeze the console after about 20 lines.

I tried different clients and this happened with SecureCRT and Putty. When I RDP into a Windows box in the office and SSH to the NAS from there (in the same subnet), this does not happen, and the same commands run just fine.

I found some hints that this might be MTU-related (e.g. in this post), but nothing conclusive that applies to my setup. I will experiment with the MTU settings nonetheless, but in the meantime I figured that maybe someone can offer specific advice.


Solution 1:

I had a similar problem. Connecting to a cisco VPN, sshing in to the remote machine and simply running ps aux would just completely freeze my session.

The solution was indeed to tune the MTU.

On CentOS you have to run ip addr to figure out the current MTU of your different network adapters. And you can change them via sudo ip link set eth0 mtu 1300 (this would set the interface eth0 MTU to 1300, which in my case was the magic number)

Solution 2:

Ha, that was easy. I had the MTU set to 9000 on both interfaces of the NAS. Once I set the MTU size for Interface 2 to 1500, the problem went away.