OpenVPN is choppy

valnar · Dec 21, 2017, 3:42 PM

I know this is going to be an open-ended complaint with little hard data, but…

I setup an OpenVPN server on my home pfSense firewall. This is replacing a Cisco 1921 router where I previously setup AnyConnect, its distant cousin, to get into my home network. It was on an ASA 5505 before that.

It seems the VPN experience over OpenVPN is choppy, for lack of a better term. It's not smooth. VNC & RDP to my home computers are halt and go with micro stutters...just erratic. It's almost like a bad connection but it's not. I don't see any obvious problems with my VPN setup but its behavior reminds me of an MSS or MTU fragmentation issue. I lowered the MTU on my TAP adapter (Windows 7) to 1440 and it doesn't seem to matter. I might lower it more, but before I spend too much time troubleshooting, is this a common problem? Is there an easy fix to make the VPN experience smoother? Perhaps something I can edit in my OpenVPN config file that was generated? I'm running the latest recommended package of OpenVPN GUI for Windows.

'Note that this doesn't happen with any other VPN past or present. Whether it's AnyConnect, Cisco's older IPSEC VPN Client, L2TP or whatever.

Any advice?

valnar · Dec 20, 2017, 9:38 PM

My sanitized client config

dev tun
persist-tun
persist-key
cipher AES-256-CBC
ncp-ciphers AES-256-GCM:AES-128-GCM:AES-128-CBC:AES-256-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote xxxxx.dyndns.org 443 udp
lport 0
verify-x509-name "OpenVPN-cert" name
auth-user-pass
pkcs12 xxxxx-udp-443-me.p12
tls-auth xxxxx-udp-443-me-tls.key 1
remote-cert-tls server