RoadWarrior OpenVPN over UDP failing

  • I set up OpenVPN on the pfsense box and installed the openvpn-gui on my remote Windows machine.  Everything works fine over TCP but when I change to UDP the connection often hangs.  I don't actually lose the connection but all traffic seems to just freeze.  For instance a putty connection through the VPN will show partial output such as half of the files when running an ls then just hang.  No disconnect message but no response either.

    Both sides are on high quality high speed connections.  It should also be noted that I'm using traffic shaping and snort.

  • You wouldn't happen to have a dual-wan connection on this pfsense box would you?  I am asking because I want to be sure that you aren't trying to connect to the OpenVPN server using your pfsense's OPT ip address.  The reason being that I cannot connect to my pfsense's OpenVPN server using UDP when using the OPT ip address.  When I change it to TCP, it works just fine.  However, on my main WAN link, I can connect using either TCP or UDP.

  • Same happening to me as well.  TCP works great but UDP will gradually fail over a minute or so.  For instance if I pull up a remote web page, the first page will load quickly but might be missing a few elements.  The next page will load slower and miss more elements.  The third and later page requests will simply time out.

    From what I've been reading, tunneling TCP over TCP is bad because each TCP layer is performing its own error correction and this will lead to excessive re-transmission, but in this case it's TCP within UDP that's failing.

  • In your OpenVPN config (i.e. OpenVPN\config\client.ovpn) on the client machine what do you have set up as "proto"?

    If it is set to "proto tcp-client" it needs to be changed to "proto udp"
