RoadWarrior OpenVPN over UDP failing

Reply to RoadWarrior OpenVPN over UDP failing on Thu, 07 Feb 2008 12:41:42 GMT

leimrod — Thu, 07 Feb 2008 12:41:42 GMT

In your OpenVPN config (i.e. OpenVPN\config\client.ovpn) on the client machine what do you have set up as "proto"?

If it is set to "proto tcp-client" it needs to be changed to "proto udp"

Reply to RoadWarrior OpenVPN over UDP failing on Thu, 10 Jan 2008 15:26:19 GMT

linuxamp — Thu, 10 Jan 2008 15:26:19 GMT

Same happening to me as well. TCP works great but UDP will gradually fail over a minute or so. For instance if I pull up a remote web page, the first page will load quickly but might be missing a few elements. The next page will load slower and miss more elements. The third and later page requests will simply timeout.

From what I've been reading, tunneling TCP over TCP is bad because each TCP layer is performing it's own error correction and this will lead to excessive re-transmission but in this case it's TCP within UDP that's failing.

Reply to RoadWarrior OpenVPN over UDP failing on Thu, 20 Dec 2007 17:19:54 GMT

razor2000 — Thu, 20 Dec 2007 17:19:54 GMT

You wouldn't happen to have a dual-wan connection on this pfsense box would you? I am asking because I want to be sure that you aren't trying to connect to the OpenVPN server using your pfsense's OPT ip address. The reason being that I cannot connect to my pfsense's OpenVPN server using UDP when using the OPT ip address. When I change it to TCP, it works just fine. However, on my main WAN link, I can connect using either TCP or UDP.