    I’ve searched these forums for this issue but I’ve not found anything similar. But I may have missed something. 😉

    I’m trying to setup a basic ZS box as a router with QoS, I’m not using the proxy or captive portal.

    Anyway, the problem is as follows: I have a cable connection with DHCP, my box has two NICs. ETH00 is connected and getting an IP address from the modem, ETH01 is setup to be the LAN interface providing DHCP and DNS. I setup a NAT with ETH00 in the Router section and I can get outbound and inbound traffic on most protocols (IMAP, POP, AIM, Xfire, Yahoo and MSN all seem to work). I can even ping outside hosts from my client boxes using BSD ping utility. But if I load a browser and try to navigate to a web page it just times out.

    HTTP Proxy is off, so is captive portal. It’s not a DNS issue, I can do an nslookup of a URL and try to input the IP Address directly into the web browser with no results.

    I’m stumped, but given the time of night I’m probably missing something.




    ping -s 1600 externalhost

    (-l if you are using Windows).

    It could be a MTU/fragmentation issue.



    I think you hit it. With the packet size set to 1600 I get a “message too long” error back.

    Do I need to adjust my MTU size down?

