Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN malfunctioning due to MTU

    OpenVPN
    2
    2
    434
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      DSTMalo
      last edited by

      executive summary: If you can connect with OpenVPN but can't browse SMB shares, adjust your MTU.

      Gentlefolk,

      I come to you across the time and space that separate us not to ask for help, but to describe what I did to ameliorate a problem. Perhaps this knowledge may be useful to others. I beg your forgiveness in advance if I fail to describe my odyssey using the proper nomenclature. I am a historian and writer and not a certified network technician.

      I use the OpenVPN feature of pfSense to connect to my home network using Windows-OS portable computing devices as I roam the surface of the Earth. My primary requirement is to access files stored on a network attached storage (NAS) device.

      After upgrading my pfSense Community Edition firewall device to version 2.7.2 I could still connect to my pfSense / OpenVPN server but I was largely unable to access resources on my home network. Of greatest frustration was my inability to browse network shares. I could connect to my NAS device and view a share listing, but I was unable to enter the share and browse files. Using web browsers I was unable to reach the web-based administration pages for my devices. Curiously I was able to ping my devices, and was able to connect beautifully to a virtual machine using Remote Desktop.

      Professor Google led me to this magisterial explanation of MTU as it relates to OpenVPN connectivity. Prior to using these troubleshooting techniques my OpenVPN MTU was set at the default of 1500. Following the provided instructions I discovered that I couldn't pass packets of the default 1500 bytes. After conducting a series of iterative tests I found I could reliably transfer packets of 1375 bytes.

      While still following The Geek Pub's advise, I entered a supplemental configuration line in the Advanced Configuration / Custom Options input rectangle on pfSense's OpenVPN server configuration interface.

      Please consider the attached screen-shot. OpenVpn MTU.jpg

      After re-downloading my OpenVPN configuration and copying it to my portable devices, I was able to browse my network shares with great efficiency.

      May you be blessed by the god of your choosing.

      Don St. Malo

      D 1 Reply Last reply Reply Quote 0
      • D
        dsc2000 @DSTMalo
        last edited by

        @DSTMalo Thank you so much! Happy new year.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.