Netgate Discussion Forum

    NAT? OpenVPN? not sure what i need help with here..

    • cmb

      That verifies you do have connectivity, can you download that pcap and upload it somewhere, or email it to me (cmb at pfsense dot org) with a link to this thread. That looks normal but without seeing the payload it's hard to say.

      • luke240778

        Thanks cmb, just sent you the email.

        • cmb

          The capture you just sent me looks more like what I would expect to see - no response at all. That was from the VPN interface though, try the same from LAN and send me that.

          • luke240778

            Just sent you capture from LAN interface

            • cmb

              That last capture is much different, more like what you showed in the text output, which shows the behavior varies. Why isn't clear. What the last one shows is your client sends the SYN to open the connection, it gets a SYN ACK in response, and then it RSTs the connection. In more plain English, basically your client starts the TCP connection, the 10.0.0.50 device responds back for the next step of the handshake, and then your client says "no, close that connection". Then your client sits there for 3 seconds and repeats the exact same process. After that, it sits there for 6 seconds and repeats again.

              The order is as described, but the timing is such that I seriously doubt the client gets the SYN ACK before it sends back the RST. There is around a half ms between the SYN ACK and RST, which is far too short of a window for the client to have gotten the SYN ACK, so it seems more like the client sends the SYN, and about 10 ms later, sends the RST. The two retries have 1 ms between the SYN and RST.

              I have no idea why your client would be behaving that way, but that's the issue. Firing up Wireshark on the host itself, in the capture options put in a filter for "host 10.0.0.50" on the OpenVPN interface, and see what you get at that point would be my next troubleshooting step.
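
The timing argument in the post above can be checked mechanically. This is an added example, not part of the thread and not cmb's tooling: it reads `tcpdump -tt -n` text output and flags any RST that follows the SYN-ACK sooner than a packet could travel from the capture point to the client and back. The 5 ms minimum round trip, the client address 10.0.8.6, the ports and all timestamps are assumptions made up for the sample; only 10.0.0.50 comes from the thread.

```python
import re

# Constructed sample in `tcpdump -tt -n` text form. Only 10.0.0.50 comes from the
# thread; the client address, ports and timestamps are invented for illustration.
SAMPLE = """\
100.000000 IP 10.0.8.6.50001 > 10.0.0.50.80: Flags [S], seq 1000, win 8192, length 0
100.009500 IP 10.0.0.50.80 > 10.0.8.6.50001: Flags [S.], seq 5000, ack 1001, win 5840, length 0
100.010000 IP 10.0.8.6.50001 > 10.0.0.50.80: Flags [R], seq 1001, win 0, length 0
103.000000 IP 10.0.8.6.50001 > 10.0.0.50.80: Flags [S], seq 1000, win 8192, length 0
103.000500 IP 10.0.0.50.80 > 10.0.8.6.50001: Flags [S.], seq 6000, ack 1001, win 5840, length 0
103.001000 IP 10.0.8.6.50001 > 10.0.0.50.80: Flags [R], seq 1001, win 0, length 0
109.000000 IP 10.0.8.6.50002 > 10.0.0.50.80: Flags [S], seq 2000, win 8192, length 0
109.000400 IP 10.0.0.50.80 > 10.0.8.6.50002: Flags [S.], seq 7000, ack 2001, win 5840, length 0
109.040400 IP 10.0.8.6.50002 > 10.0.0.50.80: Flags [R], seq 2001, win 0, length 0
"""

# timestamp (sec.usec), source ip.port, destination ip.port, TCP flags
LINE = re.compile(r"^(\d+)\.(\d{6}) IP (\S+) > (\S+): Flags \[([A-Z.]+)\]")

def analyze(text, min_rtt_us):
    """Pair each SYN with its SYN-ACK and RST and time the gaps in microseconds.

    min_rtt_us is an assumed lower bound on the round trip between the capture
    point and the client; a RST arriving sooner cannot be a reply to the SYN-ACK.
    """
    pending, results = {}, []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts = int(m[1]) * 1_000_000 + int(m[2])   # integer microseconds, no float error
        src, dst, flags = m[3], m[4], m[5]
        if flags == "S":                          # client opens (or retries) the connection
            pending[(src, dst)] = {"syn": ts, "synack": None}
        elif flags == "S." and (dst, src) in pending:
            pending[(dst, src)]["synack"] = ts    # server's half of the handshake
        elif "R" in flags and (src, dst) in pending:
            attempt = pending.pop((src, dst))
            if attempt["synack"] is None:
                continue                          # RST with no SYN-ACK seen: nothing to time
            gap = ts - attempt["synack"]
            results.append({"client": src,
                            "syn_to_rst_us": ts - attempt["syn"],
                            "synack_to_rst_us": gap,
                            "reaction_plausible": gap >= min_rtt_us})
    return results

if __name__ == "__main__":
    for row in analyze(SAMPLE, min_rtt_us=5000):
        print(row)
```

The first two attempts in the sample mirror the pattern described in the thread (RST about half a millisecond after the SYN-ACK); the third is a control where the RST arrives late enough to be a genuine reply.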
