How can i change MTU of a GRE tunnel interface?

netops-1 · ‎05-29-2024

I have enabled pmtu-discovery as per instructions from this topic Dynamic MTU Configuration in SD-WAN Deplo... - Fortinet Community but MTU on the GRE tunnel remains 1476. I want it to be 1356 for this state when ipsec is off.

one side of that mikrotik - fortigate link is discarding ldap traffic so domain users are unable to log into their computers because of problem in communication between computers and domain controllers... ldap traffic from windows 11 clients to domain controller on port tcp88 and vice-versa has DF bit set and traffic may not be fragmented..

dbhavsar · ‎05-30-2024

Hello @netops-1 ,

- You can use following commands:

config sys interface

edit <interface-name>

set mtu-override enable

set mtu <mtu-value>

https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-adjust-the-Maximum-Transmission-Un...

DNB

netops-1 · ‎05-30-2024

hello,

those commands are not available on GRE tunnel interface

AEK · ‎05-30-2024

Hi netops

From my personal deduction, GRE is still possible on FortiOS (but IPsec is recommended) just for compatibility with old fashion networks. This is probably the reason for which it doesn't have as many customization possibilities as IPsec interface.

AEK

How can i change MTU of a GRE tunnel interface?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website