[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] VPN comes up but not usable for high traffic

  • Subject: Re: [Openvpn-users] VPN comes up but not usable for high traffic
  • From: Erich Titl <erich.titl@xxxxxxxx>
  • Date: Mon, 05 Mar 2007 10:33:25 +0000

Hi Matthias

Matthias Apitz wrote:
> Hello,
> all came up fine again, including the OpenVPN-connections, but:
> - while the connection to the other OpenVPN-server did not show
>   any problem, the Windows based OpenVPN-clients had problems;
> - they came up fine too and the user could do a ping through the
>   tunnel to the inner webserver and could do a 
>   telnet webserver 80
>   GET /
>   operation,
>   but could not do a fetch with a real browser Firefox;
> I monitored the traffic with TCPDUMP in the LAN on port 80 and
> the UDP port already outside the firewall and the HTTP traffic could
> be seen as arriving from the browser and the response sent by the
> Apache and leaving as UDP the building
> to the client in the VPN tunnel; but somehow was not arriving
> at the client side (I think so because the same big UDP packages
> caused by the HTTP output of Apache was sent again and again);
> some hours later we switched back to the original firewall and the
> problem went away;
> what could be the reason for this? I need a solution because without
> it our stand-by system is useless :-((

It smells like a firewall issue and not really a OpenVPN issue.

- Did you check the packets on the client too?
- Have a look at timeouts, fragmentation issues.

OpenVPN mailing lists