During upgrade to UTM 9.405, Sophos fixed som MTU issues for Amazon, this was about getting the MTU values from the ISP DHCP server, problem is that some ISP’s use a value of 576, which is wrong, as it should be 1500 in most cases.
Until the release of todays 9.407-3,they introduced the fix “NUTM-4992”, which introduces a new confd parameter:
The “mtu_auto_discovery” flag.
1 = Take interface MTU from DHCP and overwrite value in confd (default)
0 = Do not take interface MTU from DHCP (Allows manual setting in Webadmin)
So how to fix this (Only if you have the issue, static wan links does not and many DHCP WAN links does’nt either 🙂 )
Login as loginuser then root in ssh shell:
cc
RAW
lock_override
OBJS
interface
ethernet (or cable, or other type)
REF_ (Tap TAB two times – then you can see the interface list. Mine is called “REF_IntCabExternaWan[WAN,interface,ethernet]”
(You will get a look like this:)
‘additional_addresses’ => [],
‘bandwidth’ => 0,
‘comment’ => ‘Added by installation wizard’,
‘inbandwidth’ => 100000000,
‘itfhw’ => ‘REF_ItfEthEth1’,
‘link’ => 1,
‘mtu’ => 576,
‘mtu_auto_discovery’ => 1,
‘name’ => ‘WAN’,
‘outbandwidth’ => 20000000,
‘primary_address’ => ‘REF_ItfPri000024’,
‘proxyarp’ => 0,
‘proxyndp’ => 0,
‘status’ => 1
}
Then write:
mtu_auto_discovery=0
w (write the changes)
Now go into Webadmin and find the WAN link, change the MTU under Advanced to 1500 and voila! 🙂
I’m pretty sure I chose the right interface. I tried it but I couldn’t.
Is there an idea why changing MTU has no effect?
If changing the MTU has no effect in WebAdmin and it’s still on 576, then you have not set mtu autodiscovery flag to zero on the correct interface. Remember first set the flag, save it, then go to Webadmin and set the correct value afterwards 😉