Why Are VPN Tunneled Services Interrupted or Slowed Down When a VPN Tunnel Is Established by Using the L2TP over IPSec Dial-up Software of the Windows 7 Operating System?
VPN tunnel-encapsulated packets from the firewall to the device with the Windows 7 operating system are fragmented. However, the VPN client of the Windows 7 operating system cannot decapsulate the fragmented packets. Therefore, the existence of large packets causes a service interruption or slowdown. You can change the MSS value on the firewall to prevent VPN tunnel-encapsulated TCP packets from being fragmented.
[USG]firewall tcp-mss 1300
Warning: Configure tcp-mss will affect the system's normal service.