EFW Support

Title: Bridged VPN half-works
Post by: maxxer on Thursday 05 November 2009, 04:58:25 am
Hi.
I've installed my first EFW today, and I love it already.
But I'm having problems with OpenVPN.
I've configured a bridged VPN. The client connects fine, I can ping EFW and other machines on the LAN, I can do SSH and other things, but as soon as traffic is above a certain rate the connection (web, SSH) drops.
I.e. I cannot open the EFW admin interface: it asks me for user/pass, but as soon as I press enter I see a little activity and then it stops.
If I do SSH, either on EFW or another machine, it works as long as the output is a  of lines. But if I do something like an ls -l of /var the connection gets stuck. In the past I had similar problems due to MTU misconfiguration, but I double checked and everything seems OK.
Server config:
Code:
; daemon configuration
daemon
mode server
tls-server
proto udp
port 41194
multihome
user openvpn
group openvpn

cd /var/openvpn
client-config-dir clients

script-security 2 system

; tunnel configuration
dev tap0
server-bridge 192.168.0.1 255.255.255.0 192.168.0.101 192.168.0.110
push "route-gateway 192.168.0.1"

passtos
comp-lzo
management 127.0.0.1 5555
keepalive 8 30

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

persist-key
persist-tun
persist-local-ip
persist-remote-ip

; logging and status
writepid /var/run/openvpn/openvpn.pid
ifconfig-pool-persist openvpn.leases
status /var/log/openvpn/openvpn-status.log
verb 1

client-connect "/usr/local/bin/dir.d-exec /etc/openvpn/client-connect.d/"
client-disconnect "/usr/local/bin/dir.d-exec /etc/openvpn/client-disconnect.d/"

; certificates and authentication
dh /var/efw/openvpn/dh1024.pem
pkcs12 /var/efw/openvpn/pkcs12.p12

client-cert-not-required
auth-user-pass-verify "/usr/bin/openvpn-auth" via-file
username-as-common-name

Client conf:
Code:
client
dev tap
proto udp
remote myremote 41194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/my.pem
auth-user-pass /etc/openvpn/my_pass.txt
comp-lzo
verb 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

Any help appreciated.
Thanks