I’ve been having some problems trying to get a PPTP connection to work … here’s the basic setup:
central site has a fixed IP on a cable modem, I forward PPTP to the MikroTik behind it; MTU on that physical link is 1492
remote site is on a dynamic IP also with NAT; MTU in the test is 1500, but in production could be lower (down to ~1440)
PPTP connection is coming up fine, bridging of LAN segments between the two locations also works fine - except for actual Internet access. I’m assuming MTU problems, but all the attempts to limit the MTU on LAN segment interfaces, the bridge interface or where ever else failed. The devices have these interfaces in use:
central: WAN uplink (eth3), LAN segment (eth2), PPTP, bridge (with the eth2 and PPTP in it)
remote: WAN uplink (eth1), LAN segments (eth2, eth3), PPTP, bridge (with eth2, eth3 and PPTP in it)
What do I have to do to actually get the end devices adjust their MSS to what will go through the PPTP connection? Do I need to set up some firewall rule to get the router to force reduction of MSS?
As we couldn’t solve the cause of the problem, we have since switched to OpenVPN as basis for the bridging … not any more complicated (if not even easier to configure), and worked right away… no MTU problem/delays anymore with otherwise unchanged lines …
Sounds like a routing issue more than anything. We’re you experiencing limited or no connectivity under the MikroTik?
Also every layer 3 device will fragment IPv4 unless the DF bit is set in the packet. For average HTTP internet traffic you shouldn’t have experienced a problem with MTU unless you had a segment below minimum MTU.
Routing was fine … problem only occurred on larger packets that caused fragmentation … anyway, I put way too much time into trying to fix the problem with PPTP, where all I needed was a working solution, OpenVPN solved that …
As a follow up on this post, I have also encountered problems with PPTP relating to large packets and MTU/MRU issues.
In your original post, you did not indicate what version of RouterOS you were using. From what I’ve seen, it appears that a problem with PPTP was introduced in recent versions of RouterOS that cause large packets to not be handled correctly when sent over a PPTP connection. I do not believe this problem was related to the bridging you set up, but is instead PPTP related. The fact that you got a similar bridge configuration to work with OpenVPN seems to confirm this conclusion.
I have provided more information in the response I submitted to another posting: