[Openvpn-users] weird problem with openvpn

  • Subject: [Openvpn-users] weird problem with openvpn
  • From: "Paolo Negri" <hungrylist@xxxxxxxxx>
  • Date: Sun, 7 Oct 2007 23:03:30 +0100

I have the following configuration

|lan1| - | Ovpn server |  - < internet > - |Ovpn client| - |lan2|

lan1 is lan2 is

from lan1 I can access any resource (http, ssh) of lan2, no problem at all.

from |Ovpn client| I can access any resource of lan1, no problem at all.

from lan2 I can ping any host in lan1

but from lan2 I have problems accessing services in lan1, e.g. http

I thought it was an MTU problem but after experimenting with various
settings I'm confused.

I'm testing the system with an http connection dumping with tcpdump on
eth0 of a client in lan2 and |ovpn client| while I'm trying from the
client in lan2 to access a web page on |ovpn server|

What happens is:

client sends SYN packet
server sends SYN + ACK
client sends ACK
at this point the connection gets messed up
client will send 9 times GET / HTTP/1.1
server will send 5 times the SYN+ACK (to each of these client will re-send ACK)

from the dump of the ovpn client I see that the ACK and the GET /
HTTP/1.1 sent from lan2 client are never received on eth0 of ovpn

But really consistently after 145 secs a GET / HTTP/1.1 from the
client reaches ovpn client eth0 and suddenly the web page is served to
the client.

This is something I can replicate without fault and the timing is
always the same.

I checked the connection between lan2 client and ovpn client using
http, ssh, ftp, telnet, including transfer of huge files. Everything
works perfectly and the problem appears only in traffic involving the

I have full tcpdump in binary or text if someone is interested.
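
The comparison described in the message above (a capture on the lan2 client against a capture on eth0 of the OpenVPN client), as an added example that is not part of the original post: it lists the TCP segments seen at the first capture point that never appear at the second. The addresses, ports, sequence numbers and the modern `tcpdump -n` text format are constructed assumptions, since the post does not include its dumps.

```python
import re
from collections import Counter

# Constructed sample captures (addresses, ports and sequence numbers are made up).
LAN2_CLIENT_ETH0 = """\
23:00:00.000000 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [S], seq 1000, win 5840, length 0
23:00:00.050000 IP 10.0.1.1.80 > 10.0.2.10.40000: Flags [S.], seq 5000, ack 1001, win 5792, length 0
23:00:00.050100 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [.], ack 5001, win 5840, length 0
23:00:00.051000 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [P.], seq 1001:1401, ack 5001, win 5840, length 400
23:00:00.251000 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [P.], seq 1001:1401, ack 5001, win 5840, length 400
23:00:03.050000 IP 10.0.1.1.80 > 10.0.2.10.40000: Flags [S.], seq 5000, ack 1001, win 5792, length 0
23:00:03.050100 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [.], ack 5001, win 5840, length 0
"""
OVPN_CLIENT_ETH0 = """\
23:00:00.000200 IP 10.0.2.10.40000 > 10.0.1.1.80: Flags [S], seq 1000, win 5840, length 0
23:00:00.049800 IP 10.0.1.1.80 > 10.0.2.10.40000: Flags [S.], seq 5000, ack 1001, win 5792, length 0
23:00:03.049800 IP 10.0.1.1.80 > 10.0.2.10.40000: Flags [S.], seq 5000, ack 1001, win 5792, length 0
"""

# One TCP-over-IPv4 line of `tcpdump -n` text output (assumed format).
LINE = re.compile(
    r"^\S+ IP (?P<src>\S+) > (?P<dst>\S+): Flags \[(?P<flags>[^\]]+)\]"
    r"(?:, seq (?P<seq>\d+)(?::\d+)?)?(?:, ack (?P<ack>\d+))?.*length (?P<len>\d+)")

def segments(dump):
    """Count each distinct segment, keyed by (src, dst, flags, seq, ack, length)."""
    seen = Counter()
    for line in dump.splitlines():
        m = LINE.match(line.strip())
        if m:  # non-TCP or unparsable lines are skipped
            seen[(m["src"], m["dst"], m["flags"], m["seq"], m["ack"], int(m["len"]))] += 1
    return seen

def lost_between(upstream, downstream):
    """Segments captured upstream that never show up downstream, with send counts.

    Timestamps are ignored so retransmissions collapse onto one key."""
    up, down = segments(upstream), segments(downstream)
    return {key: count for key, count in up.items() if key not in down}

if __name__ == "__main__":
    for key, count in lost_between(LAN2_CLIENT_ETH0, OVPN_CLIENT_ETH0).items():
        src, dst, flags, seq, ack, length = key
        print(f"{src} > {dst} [{flags}] seq={seq} ack={ack} len={length}: sent {count}x, never seen")
```

Run in both directions, an empty result one way and a non-empty one the other shows which side of the capture pair is dropping traffic.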
