I have been running PPPOE for several years with private IP clients, natting at the pppoe server. Today I added some public addresses to a new pool and assigned that public pool to my pppoe server. Everything worked as planned until customers tried going to secure sites or yahoo. The symptom is similar to having TCP-MSS turned off at the concentrator.
Config 1
This works:
Private IP
CPE/PPPOE Client------------------PPPE Concentrator Natting-----Internet
Config 2
This doesn’t work:
Public Address
CPE/PPPOE Client------------------PPPE Concentrator-----Internet
Then, I tried this:
Public IP
CPE/PPPOE Client------------------PPPE Concentrator Natting-----Internet
And it works. Natting a public IP at the PPPOE server works but without NAT it doesn’t. I have tried all the mangle rules to change the MSS, even tried manging the MSS at the concentrator, doesn’t work.
This isn’t a routing issue as I can assign one of these IP’s to the client interface without PPPOE and it works fine, this is a ppp related problem.