HL7 packet error in ipsec vpn

Mattia Minervini
Mattia Minervini used Ask the Experts™
We are facing a problem exchanging information in HL7 protocol in a standard environment listener\receiver.
Our application works fine on a plain network, get some errors on an ipsec vpn tunnel.
I'm not an expert, seems to be a problem related to packet fragmentation, any packets are truncated and cannot be managed.
this no happens on the same lan, so we are pointing to MTU or SECURITY CONTROL applied on vpn.
Can you help me ?
Sorry , i'm not providing many details, please ask me what you think is important..
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
nociSoftware Engineer
Distinguished Expert 2018

(I am not a HL7 user, but do emply protocols over tunnels).
if packets are too long they cannot pass a tunnel. tunnels require a smaller MTU.
In the case of TCP PMTU might help in transferingsmaller segment.
If HL7 is not a IP protocol there will be a proble anyway as IPSEC tunnels regularly are Layer 3 (IP).

AFAICT HL7 accross an internet connection between two parties is a minefield anyway, as even if both parties use the same software, local configuration can still differ in implementation causing problems.


so i need to set the same MTU:
-  on server's network adapter of sender
- on firewall
- on router
-on router
- on firewall
- on server's network adapter of receiver?

can internet carrier "cut" my packet?

which is the simple way to test packet dimension in all those hops?

sorry for my english, thanks for your help
Problem was solved by disabling some security settings on vpn tunnel

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial