OpenVPN in Bridge-Mode on XenServer 6.2 - dup ack and retransmissions
I'm trying to set up pfSense as OpenVPN Client Access Server in TAP (Bridge-Mode) virtualized on Citrix XenServer 6.2.
I used this guide: https://forum.pfsense.org/index.php?topic=46984.0
Authentication of the clients works fine and the routing seems to be fine too (tried ping to different hosts behind the OpenVPN server).
However, I can't establish any TCP session through the tunnel.
I sniffed on the OpenVPN TAP adapter on the client and saw a lot of dup ack and retransmissions.
I already tried the following:
- stable pfSense and the latest 2.2 beta, even WITH Xen guest tools (http://blog.feld.me/posts/2014/07/pfsense-on-citrix-xenserver/)
- I disabled TCP offloading in pfSense
- I disabled tcp.inflight-something in pfSense
- played around with the MTU size (although my old VPN server on Ubuntu works fine without MTU tweaks)
Communicating WITH the pfSense VM works fine (e.g. web UI or SSH). Only the traffic that goes through the tunnel is affected.
Any ideas, anyone? :-)
Hi, I write a solution for the problem: