MSSFIX option doesn't seem to work


I’m using the Pritunl client v1.3.3600.11, I’ve added the mssfix 1300 line to the configuration file (.ovpn), then imported this file and connected to the VPN. When checking the tcpdump of the traffic in the tunnel I’m still seeing the mss sent with value 1460 in the inner (encapsulated) tcp packets, what could be the reason?

This was fixed in the v1.32.3725.2 server release.

@man107 Hi. Did the new version of Pritunl fix your issue?

I still don’t see my the mssfix value in a tcpdump.

@r00ster Nope, I’m still unable to change the mss value on the client side using the mssfix (I have 1.32.3746.95 server version).

@zach Are you aware of this?

The MTU currently can’t be set client side, I haven’t had any issues on configuring it on the server.

For the client the option isn’t currently in the filter at pritunl-client-electron/service/parser
. This restricts the available options to help prevent privilege escalation vulnerabilities. I have added it so it will be available in the next release.

It is an option in the server settings with an enterprise subscription. I have moved the option to the free version but this won’t be available until the next release. You can open the server settings click advanced. Open Chrome Developer Tools and find the Connection MTU field and remove the CSS to display: none .