Hi

I have weird issue in network were part of websites (i.e. Booking.com, Bitstamp.net) are not opening while other are just fine (i.e. gmail, facebook). I get DNS resolve, I can ping those sites, so it is on Layer 4 or higher, I'm clueless....

I have HEX router as CAPsMAN + 2 x hAP ac lite as AP's. CAPs are running in manager forwarding mode.

I did test with wire directly on HEX and it's fine. I did test with wire on one of the AP's by building EoIP tuunel to HEX and it's also fine. I can happily access all sites.
So it is only on WiFi.
Firewall rules are defcon. I have simple srcNAT with masquerade on outer interface.

any clue where to look and for what?

had the same issue with some SSL and Citrix Sites. After changing my datapath mtu to 1600 everything works as aspected!