When I load the same OpenVPN configuration (which is provided by our university) into Network Manager, the connection to the VPN still succeeds, but my traffic is not routed through the VPN. Other's have had the same (or the opposite problem on different Ubuntu versions - they didn't want everything to be routed, but could not change that
Just did some testing with both FrootVPN and VPN.HT using the OpenVPN client and I noticed something odd: The second I start reaching higher load (eg: When I start a speedtest) my connection instantly drops and I have to reconnect everything to gain internet access again. Project Management. Content Management System (CMS) Task Management Project Portfolio Management Time Tracking PDF Education OpenVPN's mtu-test will try to automatically determine what the largest packet size that actually goes through is; you can then use its values to update your config file. That said, when you have a specific issue like this, "anything unusual" is a good thing to look for. * --ip-win32 netsh will now work on hidden adapters. * Fix attempt of "Assertion failed at crypto.c:149". This assertion has also been reported on 1.x with a slightly different line number. The fix is twofold: (1) In previous releases, --mtu-test may trigger this assertion -- this bug has been fixed. VPN provider: ExpressVPN Connection type: tun Host types: Debian-based, in this case an ESXi VM, but in the past a QNAP with the same behaviour. Policy route method: LAN rule out, by source IP, specifies gateway to be interface of OpenVPN connection, also tags with and is matched on a floating rule on WAN to be dropped (to act as killswitch). Later you say you have a VPN that the packets are coming in on. What is the MTU on the VPN? You also say: But strangely, when I change the mtu to 1200, i get packet loss between 30% and 100%, sometimes fragmenting the packets, sometimes not… I assume this is the VPN? Or is it on the FreeBSD host? This is where Wireshark can come in handy. So unless openvpn is started from a session where the memlock limit is increased to a large enough value, do not drop privileges when using mlock. The required limit is dependent on client config, libraries linked in etc., but 100MB should good enough -- I see a virtual memory peak of 55MB for an instance running here and 27 MB for another.
blog.ipfire.org - OpenVPN - Path MTU Discovery
May 31, 2018 wiki.ipfire.org - Troubleshooting MTU - Test. For possible performance problems it can be quite useful, to check the MTU settings, therefor OpenVPN offers a MTU-test. To create an empirical MTU test, it needs an additional entry in the OpenVPN configuration file before the connection starts, the following line must be added.
Jun 27, 2017 · Create a file in "C:/Program Files/OpenVPN/config" called VPN.ovpn with the following content and where you change the vpn.yourdomain.com to match your configuration. port 1194 dev tap remote vpn.yourdomain.com tls-client auth-user-pass ca ca.crt cert client.crt key client.key mtu-test tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 pull comp-lzo verb 4
Setting correct MTU for OpenVPN | Magento Hosting by Sonassi OpenVPN requires a value called the MSS to be set. The MSS is the value for the MTU minus 40). Eg. If your MTU is 1460, your MSS is 1420. MSS = MTU - 40 MSS = 1460 - 40 MSS = 1420. Empirical MTU test does not work properly - OpenVPN MTU test has worked normally (although maybe not accurately).--tun-mtu is quite a different beast.. Also, the wiki/gigabit_networks article is not something you should do in a production envoronment, it is a specially crafted setup to test what openvpn is possibly capable of. #1103 (MTU test fails with client v2.4.5) – OpenVPN Community