We have a mail server configured on Ubuntu 12.04 with postfix, dovecot and roundcube. It has two interfaces, one with a real IP and one with a private LAN IP. In the case of the intranet, we have branches and a head office; the head office is connected directly through a layer 3 switch, on a different VLAN and a different IP block, and the branches are connected through the core router. The mail server is working fine with the internet domain, and in the case of the intranet we can browse webmail by the local IP from our head office. But the problem is that the webmail is not accessible from the branches. ICMP replies from the branches to the server and from the server to a branch are okay. Traceroute from the branches to the server is okay, but from the server to a branch it can't trace after 2 hops. The webmail page shows as broken from the branches. I already tested using a simple index HTML file; it also shows a broken page from the branch. The default gateway is towards the real IP. We have some more servers with other applications in this IP block which are working fine from the branches. As per my troubleshooting, it might be a routing issue, as the default gateway of the server is towards the Internet instead of the intranet. Please help me resolve the routing.
At last the issue was resolved by tuning the TCP ADJUST MSS of the tunnel on the branch router. Go to the tunnel in config mode and execute
tcp adjust mss 1250. The default is 1450. Then the webmail is working fine from the branch.
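
What an MSS adjustment like the one above does to a TCP handshake, as an added example that is not part of the original post and is not any router's own code: it lowers the MSS option on SYN segments to the configured limit and patches the TCP checksum incrementally (RFC 1624). The function names, addresses and the sample SYN are constructed for illustration, and the segment is assumed to be an even-length, header-only TCP segment over IPv4.

```python
import struct

def csum16(data: bytes) -> int:
    """Internet checksum (RFC 1071); data must have even length."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def find_mss(tcp: bytes):
    """Return (offset_of_value, mss) for the MSS option, or None if absent."""
    hlen = (tcp[12] >> 4) * 4
    if not 20 <= hlen <= len(tcp):
        raise ValueError("bad TCP data offset")
    i = 20
    while i < hlen and tcp[i] != 0:          # kind 0 = end of option list
        if tcp[i] == 1:                      # kind 1 = NOP, one byte
            i += 1
            continue
        if i + 1 >= hlen or tcp[i + 1] < 2 or i + tcp[i + 1] > hlen:
            raise ValueError("malformed TCP option")
        if tcp[i] == 2 and tcp[i + 1] == 4:  # kind 2 = MSS, length 4
            return i + 2, struct.unpack_from("!H", tcp, i + 2)[0]
        i += tcp[i + 1]
    return None

def clamp_mss(tcp: bytes, limit: int) -> bytes:
    """Lower the MSS on a SYN or SYN-ACK to limit; patch checksum (RFC 1624)."""
    found = find_mss(tcp) if tcp[13] & 0x02 else None   # only SYNs carry MSS
    if found is None or found[1] <= limit:
        return tcp
    off = found[0]
    lo, hi = off & ~1, (off + 3) & ~1        # 16-bit aligned span holding the value
    out = bytearray(tcp)
    struct.pack_into("!H", out, off, limit)
    old_hc = struct.unpack_from("!H", tcp, 16)[0]
    # HC' = ~(~HC + ~m + m'), fed to csum16 as one byte string
    delta = struct.pack("!H", ~old_hc & 0xFFFF) + bytes(b ^ 0xFF for b in tcp[lo:hi]) + out[lo:hi]
    struct.pack_into("!H", out, 16, csum16(delta))
    return bytes(out)

# Constructed sample: SYN 10.0.0.5:40000 -> 10.0.1.9:80 advertising MSS 1460.
def tcp_checksum(tcp: bytes, src=bytes([10, 0, 0, 5]), dst=bytes([10, 0, 1, 9])) -> int:
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp))
    return csum16(pseudo + tcp[:16] + b"\x00\x00" + tcp[18:])

def sample_syn() -> bytes:
    tcp = struct.pack("!HHIIBBHHHBBH", 40000, 80, 1000, 0, 0x60, 0x02, 64240, 0, 0, 2, 4, 1460)
    return tcp[:16] + struct.pack("!H", tcp_checksum(tcp)) + tcp[18:]
print(find_mss(sample_syn()), find_mss(clamp_mss(sample_syn(), 1250)))
```

Only the SYN and SYN-ACK are rewritten, so each end then sends segments small enough to cross the tunnel without fragmentation; small packets such as ICMP echo fit either way.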