John Johnstone jjohnstone.nospamfreebsd at
Wed Apr 24 02:01:46 UTC 2019

On 4/23/2019 8:36 PM, Doug Hardie wrote:

>> Might be difficult to arrange but testing from some hardware besides a phone would help; being able to run tcpdump on the external device side.  This would allow verifying the 3-way TCP handshake at the client side.
> As I indicated, tcpdump has been use on all connections.  The connections are established and data is sent.  The client just ignores it.  Or, that's what it appears.

If the client seems to be ignoring what is coming from the web server 
that means that either the web server isn't sending what it should be or 
the client isn't behaving as it should or as you're suggesting, packets 
aren't transiting through OpenVPN as they should.  It's a lot of work 
but comparing what's seen at the server with what's seen at the client 
should reveal something.  Wireshark with Analyze > Follow > TCP Stream 
can make things stand out a bit more than tcpdump.  It may take a packet 
by packet comparison to determine where things are going wrong.

Maybe trying other connections / protocols such as ssh / telnet through 
a VPN connection might reveal some kind of pattern to the problem.

John J.

More information about the freebsd-questions mailing list