i have 2 sites vpn between Strongswan and Cisco 1841 , the vpn works well , but there is a problem , some of ssl website could not open , after some research it turned out that’s the mtu issue.

this is how i fix:

In case of yahoo, i need to update this on strongswan server:

For your reference:

MTU woes in IPsec tunnels and how you can fix it