Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN in Bridge-Mode on XenServer 6.2 - dup ack and retransmissions

    Virtualization
    2
    2
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      his.dudeness
      last edited by

      Hi,

      I'm trying to set up pfSense as OpenVPN Client Access Server in TAP (Bridge-Mode) virtualized on Citrix XenServer 6.2.

      I used this guide: https://forum.pfsense.org/index.php?topic=46984.0

      Authentication of the clients works fine and the routing seems to be fine too (tried ping to different hosts behind the open vpn server)

      However I can't establish any tcp session through the tunnel.
      I sniffed on the OpenVPN TAP adapter on the client and saw a lot of dup ack and retransmissions.

      I already tried the

      • stable pfSense and the latest 2.2 beta, even WITH xen guest tools (http://blog.feld.me/posts/2014/07/pfsense-on-citrix-xenserver/)
      • I disabled tcp offloading in pfsense
      • I disabled tcp.inflight-something in pfsense
      • played around with the MTU size. (although my old vpn server on ubuntu works fine without mtu tweaks)

      Communicating WITH the pfsense VM works fine (e.g. web UI or ssh). Affected is only the traffic that goes through the tunnel

      Anyone any ideas ?  :-)

      cheers
      Michael

      1 Reply Last reply Reply Quote 0
      • P
        phadm
        last edited by

        hi, i write a solution for the problem:
        https://forum.pfsense.org/index.php?topic=85797.msg475906#msg475906

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.