
unable to get vpn connections to work



wbatw
06-16-2007, 12:47 AM
Getting strange behavior using vpnc to connect to a cisco vpn:

all works great when connected to a router (NAT)

when used in config without a router (common cable modem setup), it connects to the vpn, but does not pass "real" traffic
pings work, sometimes text on webpages (but not images), but cannot transfer files or run server side apps.
It looks like an mtu issue, but several fixes for that have no effect.

Also have tried:
upgrade vpnc - didn't work
downgrade vpnc (to the version on knoppix 3.3) - didn't help

this appears to be a bug in the TUN driver in the kernel?

a test with ubuntu 7.04 (feisty) live cd does not have the problem

has anyone seen this sort of problem or have any ideas?

bugmenot
08-02-2007, 08:37 AM
Getting same problem from a Debian 3.1 host to a Cisco PIX.
The infuriating thing is that the problem comes and goes.

Thought it was an MTU problem but have tried different MTUs all the way along.
The tun device defaults to an MTU of 1390.

It's insane, the ssh response to the box on the other end is quite zippy, but large scp or rsync-via-ssh transfers just jam almost instantly.

wbatw
08-02-2007, 10:57 PM
It IS infuriating. It acts like an MTU problem, but changing the MTU doesn't help.

I've searched extensively and tried many things to find a fix, but so far the only (and almost universal) solution we have found is to work behind a broadband router.

After digging through all the garbage traffic in tcpdumps without a router, we decided that the cleaner network traffic stream with a router makes it worth the minimal cost, so we made it a requirement for our setup.

Maybe I'll have time next week to dig into the Ubuntu kernel and see what's different there that makes it work.

Harry Kuhman
08-02-2007, 11:21 PM
Maybe I'll have time next week to dig into the Ubuntu kernel and see what's different there that makes it work.
That's an interesting approach, but have you tried packet sniffing to see what is different when it works and when it doesn't? Packet sniffing may also give you a better idea of exactly where in the process things are breaking down.