CentOS uses PPTPD to configure the VPN. by default, the MTU is too large, leading to problems that some websites cannot be opened.

For some reason, the background of many websites is restricted by IP login. We also set this. At the beginning, login in the office was restricted, resulting in many colleagues

For some reason, the background of many websites is restricted by IP login. We also set this. At the beginning, it was limited to logging on to the office. as a result, many colleagues may not log on to the background in case of an emergency. So now we have configured a VPN server so that everyone can access the background through VPN at home.

However, because I don't know why, the access was smooth at the beginning. A few days later, I found my website could not be opened. You can ping the IP address of the website. The vpn ip can also be pinged. The cause was found after a long time.

It turns out that the default MUT value is too large.

The solution is to reduce MTU by three methods:

1. if iptables is enabled (verified)

Iptables-a forward-p tcp-syn-s 10.0.0.0/24-j TCPMSS-set-mss 1356
Replace the bold part with the IP address segment of your pptp client.

2. Add before exit 0 in/etc/ppp/ip-up (verified)

Ifconfig $1 mtu 1356

There is a line in ip-up:
[-X/etc/ppp/ip-up.local] & amp;/etc/ppp/ip-up.local '$ @"
So adding ifconfig $1 mtu 1356 to the ip-up.local file also works.

3. set in the PPTPD configuration file:

Open/etc/ppp/options.ppt pd
Add mtu1356 at the end of the file

However, after such settings, we also found a problem. That is, you cannot connect to the VPN through your mobile phone. I don't know why, and the connection fails every time. Please solve it !!