
vpn ssl and Mac OS High Sierra

Hi to all,

I've set up a vpn ssl config on XG 105 v 17.0.1 MR 1.

Connecting with Tunnelblick 3.7.4b

From El Capitan and High Sierra.

Both machines connect ok (authentication, vpn connected, ping to lan working)

On El Capitan I can browse to internal machines' web interfaces (Synology, switch, printer) and RDP to Windows server.

On High Sierra only RDP is working. All web connections fail. In the Sophos log viewer (firewall part) I can see the connection accepted, then right after another connection denied on rule 0, reason: Could not associate packet to any connection.

Any idea?

Thanks a lot



  • I have good news and bad news.

    The good news: I have the exact same problem!

    The bad news: I have the exact same problem!

    The VPN works fine on Windows and on Mac OSX Sierra.

    On Mac OSX High Sierra with Tunnelblick 3.7.5beta05 I see the same problem as Fabien. The VPN connection comes up, and I can ping anything I like.

    I did discover that I can't ping more than 290 bytes per packet. For example, pinging our DNS server over the VPN at 290 bytes works:

    ping -D -s 290 192.168.1.5

    But change to 291 bytes and it fails.

    ping -D -s 291 192.168.1.5

    I've tried a manual edit of the client VPN config to add an mssfix command, but that doesn't seem to have any effect.

    All internal web sites and file shares just hang. The OpenVPN client for Windows works fine. This is a High Sierra vs. OpenVPN issue I think. Maybe RDP works, due to requiring smaller packets than the typical 1400 bytes. 

    What's weird is the connection comes up working fine according to the debug logs, and then ends up not moving packets larger than 384 bytes to the VPN server just a minute or two later.
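
The 290/291-byte boundary reported in the reply above can be located automatically with a binary search over pings sent with the Don't Fragment bit set. This is an added example, not part of the original posts; the function names `probe`, `max_df_payload` and `ip_packet_size` are hypothetical, and the `ping` flags are the macOS ones used in the thread (`-D`, `-s`) plus `-c` and `-t`.

```shell
#!/bin/sh
# Added example: find the largest ICMP payload that crosses the tunnel with DF set.

# probe SIZE HOST -> exit status 0 if one DF-marked echo with SIZE payload bytes
# is answered within 2 seconds (macOS ping: -D = Don't Fragment, -t = timeout).
# Kept as its own function so it can be swapped out for offline testing.
probe() {
    ping -D -c 1 -t 2 -s "$1" "$2" >/dev/null 2>&1
}

# max_df_payload HOST [LOW] [HIGH]
# Prints the largest payload size in [LOW, HIGH] that still gets a reply.
# Prints 0 and returns 1 if even LOW fails (host down, ICMP filtered).
# Assumes that if a size fails, every larger size fails too.
max_df_payload() {
    host=$1
    lo=${2:-0}
    hi=${3:-1472}   # 1500-byte Ethernet MTU minus 20 (IPv4) and 8 (ICMP) bytes
    if ! probe "$lo" "$host"; then
        echo 0
        return 1
    fi
    # Invariant: size lo passes; every size above hi is known or assumed to fail.
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if probe "$mid" "$host"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$lo"
}

# ip_packet_size PAYLOAD -> size of the full IPv4 packet carrying that payload.
ip_packet_size() {
    echo $(( $1 + 28 ))
}

# When run with a host argument, report the result for that host.
if [ "$#" -gt 0 ]; then
    payload=$(max_df_payload "$@") || { echo "no reply from $1" >&2; exit 1; }
    echo "largest DF payload: $payload bytes (IP packet: $(ip_packet_size "$payload") bytes)"
fi
```

Running it once right after the tunnel comes up and again a few minutes later shows whether the usable packet size shrinks over time, as the reply describes.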
