Webgui empty response through vpn

  • Hi to all,
    I have configured pfsense as openvpn client.
    I use this VPN to access pfsense console and pfsense webgui, i can access to pfsense via ssh but when i try to access webconfig i get redirect from http to https, the browser alert for my fake ssl certificate and then empty response.
    If i change the protocol from https to http i can open web config but it's really really slow (sometimes i get timeout) when other sites on the same vpn are not slow.

    curl https:

    curl -Lvk
    *   Trying
    * TCP_NODELAY set
    * Connected to ( port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * successfully set certificate verify locations:
    *   CAfile: /etc/ssl/cert.pem
      CApath: none
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * NPN, negotiated HTTP1.1
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Unknown (67):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to
    * stopped the pause stream!
    * Closing connection 0
    curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to


    ...	UGS	220	1500	ovpnc2	link#12  UH	0	1500	ovpnc2	link#12	UHS	0	16384	lo0

    OpenVpn firewall rules:

    Protocol	SourcePort	DestinationPort	Gateway	Queue
    IPv4 TCP	*	*	*	*	WANFIBRA	none

    OpenVpn network:

    pfsense ip
    client used for testing

    Do you have any idea why I can not access the web config and why is it so slow?
    Thanks, bye bye!

    The problem was the MTU of VPN!
    I had MTU 1500 but max of my openvpn machine was 1472.
    I add
    mssfix 1420
    fragment 1472
    to openvpn client config and all works!

Log in to reply