Ah, that's useful to know. The Juniper NC protocol (what OpenConnect implements) has a mechanism for the server to tell the client what MTU to use, but no mechanism AFAIK for the client to tell the server what MTU it thinks it has at the IP level — unlike AnyConnect which has both.
This makes the Juniper protocol pretty bad for negotiating a usable MTU. (GlobalProtect protocol is even worse, though.) ``` $ openconnect --prot=nc -vvvv juniper.company.com ... Received MTU 1400 from server ``` -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1814502 Title: VPN does not work with MTU of 1400 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openconnect/+bug/1814502/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs