Central Manager (CMC) to Sensor VPN connection drops periodically


Article ID: 168630


Updated On:


Security Analytics


A Central Management configuration where connections are going across VPN's can cause an issue where the MTU is too large.  A VPN over a VPN may require a reduced MTU value.  The MTU can be reduced to improve the connection quality.  This change is harmless and does not affect anything other than connectivity between the Central Manager and the sensor.  


Typical cause is a VPN created for CMC connection is over a VPN or WAN traffic that uses more space in the header of the packet than expected.




On the sensor that is failing to connect, modify /etc/openvpn/client0.conf and change the value of "mssfix 1450" to "mssfix 1200". Then save the file and run "service solera-openvpn restart"  OR "dsvpn --restart" to restart the VPN service and use the changes made.

The sensor may appear disconnected for a bit but should reappear after a few minutes.  This is the first step to fixing any MTU / VPN issues and it can be done on the sensor alone without making changes to the Central Manager server.


If this does not resolve the issue please see TECH256770