Hello,
We tried to change our TP-Link on RB1200.
We have very simple setup on - masquerade + two dst nat. And same is on TP-Link.
Port forwarding is for OpenVPN Server on CentOS.
If I replace TP-Link with RB1200 I have issue with OpenVPN Tunnels.
I can ping any PC and Servers in the LAN, connect to any Linux Servers, but not for all Windows Servers.
It seems like MTU problem.
Does some one have similar issue ?
How I can troubleshoot this ?
No same issues, but if its a MTU problem you can force smaller MTU on TCP connection
to do that action “change MSS” is used for.
for examlpe
/ip firewall mangle add action=change-mss chain=postrouting disabled=no new-mss=1459 passthrough=yes protocol=tcp tcp-flags=syn tcp-mss=1460-65535
cieplik206,
Thank you for reply.
But this not helped me 
.
I tried also to change this on VPN Server side, but with no luck
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
#iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1368
As I can see in tcpdump - TCP Session started but data sended but data sended by my VPN Client can’t reach Windows Server or Windows Workstation. It just tried to retransmit it.
Re: [Openvpn-users] MoreOpenVPN MTU weirdness I cant understand