|
|
Hi Matthias Matthias Apitz wrote: > Hello, > ... > all came up fine again, including the OpenVPN-connections, but: > > - while the connection to the other OpenVPN-server did not show > any problem, the Windows based OpenVPN-clients had problems; > - they came up fine too and the user could do a ping through the > tunnel to the inner webserver and could do a > telnet webserver 80 > GET / > operation, > but could not do a fetch with a real browser Firefox; > > I monitored the traffic with TCPDUMP in the LAN on port 80 and > the UDP port already outside the firewall and the HTTP traffic could > be seen as arriving from the browser and the response sent by the > Apache and leaving as UDP the building > to the client in the VPN tunnel; but somehow was not arriving > at the client side (I think so because the same big UDP packages > caused by the HTTP output of Apache was sent again and again); > > some hours later we switched back to the original firewall and the > problem went away; > > what could be the reason for this? I need a solution because without > it our stand-by system is useless :-(( It smells like a firewall issue and not really a OpenVPN issue. - Did you check the packets on the client too? - Have a look at timeouts, fragmentation issues. Erich ______________________ OpenVPN mailing lists https://lists.sourceforge.net/lists/listinfo/openvpn-users |