SDWAN doesn't support MSS Clamping on a PPPoE Internet Service (before version 11.3.1), which causes some external web pages to fail to load



Article ID: CTX297115


Description

When users access Internet web servers through an SDWAN Internet Service that runs over a PPPoE link, some pages fail to load.

Resolution

The feature was introduced in SDWAN 11.3.1:
https://www.citrix.com/downloads/citrix-sd-wan/citrix-sd-wan-standard-premium-advance-edition/appliance-software-release-113153.html

Release note:
------------------
From the Citrix SD-WAN 11.3.1 release, an extra 8-byte PPPoE header is considered when adjusting the TCP Maximum Segment Size (MSS). The extra 8-byte PPPoE header adjusts the MSS in the synchronize packets based on the MTU.
[ NSSDW-22779 ]
------------------

Note:
There is a minor bug in 11.3.1: when the PPPoE link's MTU is set to 1492, MSS Clamping does not take effect.
The workaround is to set the MTU lower than 1492, for example 1491. The bug is fixed in 11.4.0 and 11.3.2.

Problem Cause

This is because the SDWAN PPPoE link doesn't support MSS Clamping before version 11.3.1.

What is MSS Clamping?
1. On a PPPoE link, an additional 8-byte PPPoE header is inserted into each frame. That can push the total frame length beyond the 1500-byte MTU, so a TCP packet with a 1460-byte payload would have to be fragmented.

2. However, in most cases the DF (Don't Fragment) bit is set in the packet, which forbids fragmentation. The PPPoE router should then reply with an ICMP "Fragmentation Required" message to the originating client/server, which should resend the data in smaller packets.

3. However, the ICMP message may be dropped by a firewall. In such cases, a better solution is for the PPPoE router to modify the MSS value in the TCP connection to fit the PPPoE link's MTU. That is called MSS Clamping.
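As an added worked example (not code from the Citrix article or its software), the Python below derives the clamped MSS for a PPPoE link from its MTU (1500 - 8 - 20 - 20 = 1452) and rewrites the MSS option in a TCP SYN the way a clamping router would, patching the TCP checksum incrementally. The sample SYN, its port numbers and the omission of the IPv4 pseudo-header from its checksum are assumptions made to keep the example self-contained.

```python
import struct

PPPOE_HDR, IP_HDR, TCP_HDR = 8, 20, 20   # bytes consumed per frame on a PPPoE link

def clamped_mss(link_mtu: int) -> int:
    """Largest TCP payload that still fits one frame once the PPPoE header is added."""
    return link_mtu - PPPOE_HDR - IP_HDR - TCP_HDR          # 1500 -> 1452

def ones_sum(data: bytes) -> int:
    """16-bit one's complement sum, as used by the TCP checksum."""
    data += b"\x00" * (len(data) % 2)
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return s

def clamp_syn_mss(segment: bytes, link_mtu: int):
    """Return (segment, original MSS) with a SYN's MSS option capped at the link's
    limit; the checksum is patched with RFC 1624's incremental update (assumes the
    MSS value sits on a 16-bit boundary, as it normally does)."""
    seg = bytearray(segment)
    if not seg[13] & 0x02:                       # not a SYN: MSS is only negotiated there
        return bytes(seg), None
    i, data_offset, limit = TCP_HDR, (seg[12] >> 4) * 4, clamped_mss(link_mtu)
    while i < data_offset:
        kind = seg[i]
        if kind == 0:                            # end of option list
            break
        if kind == 1:                            # NOP padding
            i += 1
            continue
        if kind == 2 and seg[i + 1] == 4:        # MSS option: kind, length, 2-byte value
            old = struct.unpack_from("!H", seg, i + 2)[0]
            if old > limit:
                struct.pack_into("!H", seg, i + 2, limit)
                hc = struct.unpack_from("!H", seg, 16)[0]
                delta = struct.pack("!HHH", ~hc & 0xFFFF, ~old & 0xFFFF, limit)
                struct.pack_into("!H", seg, 16, ~ones_sum(delta) & 0xFFFF)
            return bytes(seg), old
        i += seg[i + 1]
    return bytes(seg), None

def build_sample_syn(mss: int) -> bytes:
    """Constructed 24-byte SYN (ports 40000 -> 443) with one MSS option. Its checksum
    covers only the segment; the IPv4 pseudo-header is omitted to stay self-contained."""
    hdr = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 6 << 4, 0x02, 65535, 0, 0)
    opts = struct.pack("!BBH", 2, 4, mss)
    csum = ~ones_sum(hdr + opts) & 0xFFFF
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + opts
```

Running `clamp_syn_mss(build_sample_syn(1460), 1500)` rewrites the advertised 1460 to 1452 and leaves `ones_sum` of the whole segment at 0xFFFF, i.e. the checksum still verifies; with an MTU of 1492 the same call caps the MSS at 1444.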