I have a MikroTik RB1100AHx2, and I created a PPTP server to enable users to connect inside the company network, and everything is working just perfect except one small problem. When I'm connected to the VPN and I want to access https:// web-based interfaces, it doesn't open the page at all; on the other hand, http:// is working properly. I enabled proxy-arp on the LAN interface. Does anyone know what could be the problem here? Thanks in advance.
I’m 99% sure your problem is that PMTUD does not work because you filter ICMP unconditionally. Place some rules to allow traffic with connection-state=related on top of your FW Filter rules.
Another way to solve the same problem is to use mangle rules to lower the MSS in all TCP packets that are about to enter your PPTP tunnel. But the first solution is better IMO.
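The two fixes suggested in the reply above, written out as RouterOS commands. This is an added example, not configuration posted by anyone in the thread; it assumes RouterOS v6 syntax, that the existing filter rules drop ICMP, and that the tunnel is matched with the built-in `all-ppp` interface group.

```routeros
# Option 1: let PMTUD work again.
# ICMP "fragmentation needed" replies are tracked as connection-state=related,
# so accepting established/related traffic ahead of the drop rules lets them
# reach the sender. place-before=0 puts each rule at the top of the list and
# assumes the filter table already contains at least one rule.
/ip firewall filter
add chain=forward action=accept connection-state=established,related \
    place-before=0 comment="allow related ICMP for PMTUD (forwarded)"
add chain=input action=accept connection-state=established,related \
    place-before=0 comment="allow related ICMP for PMTUD (to router)"

# Option 2: clamp the TCP MSS on SYN packets crossing the PPTP tunnel,
# so neither side ever sends a segment too large for the tunnel MTU.
# One rule per direction; only SYNs with an MSS above 1300 are rewritten.
/ip firewall mangle
add chain=forward action=change-mss new-mss=clamp-to-pmtu passthrough=yes \
    protocol=tcp tcp-flags=syn tcp-mss=1301-65535 out-interface=all-ppp \
    comment="clamp MSS into PPTP tunnel"
add chain=forward action=change-mss new-mss=clamp-to-pmtu passthrough=yes \
    protocol=tcp tcp-flags=syn tcp-mss=1301-65535 in-interface=all-ppp \
    comment="clamp MSS out of PPTP tunnel"
```

After applying either option, `/ip firewall filter print stats` or `/ip firewall mangle print stats` shows whether the new rules are matching packets while an https:// page is loaded over the VPN.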
Do you have a load balancer running your company's https web interface?
I have a similar problem with https traffic to our Kemp load balancer for access to the XenApp web interface.
When I add a destination NAT rule the https traffic goes straight to one of the servers behind the Kemp and all works 100%.