OpenVPN ClientVPN issues after 2.3 update


  • Hi,

    I'm experiencing an issue that seems very much like an MTU issue, ever since updating to pfSense 2.3
    I have a scenario like in the following image:

    Basically there are x2 pfSense. On site 1 there is a PC with a an OpenVPN client connecting to the pfSense on the site 2. Accessing any resources across the VPN, I can ping, even do very small HTTP GET requests, larger traffic doesn't get through (such as a GET request to a page on the same server, but with more content).

    It seems like an MTU issue, and looking through the release notes, there seem to be quite a few MTU changes.

    Steps tried: I've tried lowering the MTU to 1300 and 1400 on the VPN client, adjusting the MSS/fragmentation as well, but hasn't fixed the issue.
    It's worth noting that if I connect the VPN client from anywhere not behind the pfSense at site one, the traffic works without issue.

    Any ideas on where to look next?

    Cheers,
    Josh


  • I don't think topology would have any relation to that, but that's the only change in behavior that I can think of. Did you change your topology back to net30? Edit your OpenVPN server instance, and set the topology drop down to net30.


  • I just tried changing to net30, but it doesn't seem to have helped.

    I also seem to be having the same dpinger messages in my log as this thread: https://forum.pfsense.org/index.php?topic=110751.0
    (although my pfsense isn't virtual)