Hi Noel, > Is there a way to limit the mss that is encapsulated into the ESP packets > and/or cause fragmentation on either of the endpoints? You can do so via iptables [1] or the patches at [2]. Regards, Tobias [1] http://lartc.org/howto/lartc.cookbook.mtu-mss.html [2] https://wiki.strongswan.org/issues/632#note-14