Cannot connect to some HTTPS servers

Hey everyone,
I'm new to OpenWrt and I set up an OpenConnect client on my router.
I configured the routes and most sites are working well, except some sites aren't working at all.

For example, telegram.org.
To demonstrate the issue, I tested the command below:

wget https://telegram.org

On my clients the output is (and it will be like this forever and the command never completes):

--2021-04-24 00:38:25--  https://telegram.org/
Resolving telegram.org (telegram.org)... 149.154.167.99
Connecting to telegram.org (telegram.org)|149.154.167.99|:443... connected.

But on the router it just works fine:

Downloading 'https://telegram.org'
Connecting to 149.154.167.99:443
Writing to 'index.html'
index.html           100% |*******************************| 16093   0:00:00 ETA
Download completed (16093 bytes)

I don't understand what causes this problem.
The VPN interface is in wan, and many sites and apps are working great over that interface.
But sites like epicgames and telegram are not working on clients.

Try to disable peer DNS and use Google DNS instead:
https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#upstream_dns_provider

If the issue persists, try decreasing MTU on the VPN interface.

4 Likes

Thank you.
The problem is fixed.
It was caused by the MTU.

The MTU between the router and the VPN server was 1200.
The MTU between the VPN server and the web server was 1500.

And because of that, any response from the VPN server to the router caused an ICMP packet to lower the MTU to the web server, but some web servers are not listening to that, and that causes this problem.

I fixed it by enabling MSS for the wan zone in the firewall.
Thank you in advance

2 Likes
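
A simplified model of the failure described in the last post, added here as an illustration and not part of the thread. It assumes IPv4 with 40 bytes of IP and TCP headers; `fetch`, its parameters and the scenario names are hypothetical, and the MTU values and page size are the ones quoted above.

```python
# Simplified model (constructed example) of the MTU problem in this thread.
IP_TCP_HEADERS = 40  # assumption: IPv4 (20) + TCP (20), no options

def fetch(client_mtu, path_mtus, response_bytes, server_honours_icmp, clamp_mss):
    """Model one download; return (outcome, size of the server's largest packet).

    client_mtu -- MTU of the interface the client's SYN leaves from
    path_mtus  -- link MTUs from the web server towards the client
    clamp_mss  -- router rewrites the SYN's MSS option to fit the smallest link
    """
    mss = client_mtu - IP_TCP_HEADERS          # MSS the client advertises
    if clamp_mss:
        mss = min(mss, min(path_mtus) - IP_TCP_HEADERS)
    # The server never sends more payload per segment than the advertised MSS
    # or than its own first link allows. Handshake packets are tiny, so the
    # connection itself always opens ("connected.") before anything is dropped.
    payload = min(response_bytes, mss, path_mtus[0] - IP_TCP_HEADERS)
    packet = payload + IP_TCP_HEADERS
    for link_mtu in path_mtus:
        if packet <= link_mtu:
            continue
        # "Don't fragment" is set: the hop drops the packet and sends ICMP
        # "fragmentation needed" back, carrying the smaller MTU.
        if not server_honours_icmp:
            return ("hang", packet)            # server keeps resending the same size
        packet = link_mtu                      # server shrinks its packets and resends
    return ("ok", packet)

PATH = [1500, 1200]  # thread: web server<->VPN server 1500, VPN server<->router 1200
PAGE = 16093         # size of index.html in the router's wget output

def scenarios():
    return {
        "lan client, ICMP ignored": fetch(1500, PATH, PAGE, False, False),
        "lan client, ICMP honoured": fetch(1500, PATH, PAGE, True, False),
        "lan client, MSS clamped": fetch(1500, PATH, PAGE, False, True),
        # assumption: the router's own socket takes its MSS from the 1200-byte VPN link
        "router itself": fetch(1200, PATH, PAGE, False, False),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name:28} {result}")
```

Only the first scenario hangs: the client advertises an MSS of 1460, the server's 1500-byte packets cannot cross the 1200-byte link, and the ICMP reply is ignored. With clamping the advertised MSS becomes 1160, so every packet fits regardless of how the server treats ICMP.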
