Here’s the situation:
I have two main locations within a short distance of one another that I primarily work at, Location A and Location B. Each site has a different wireless network (network a and network b). I can connect to my home VPN server on network a. I cannot connect on network b.
However, if I connect on network a, then leave location A, travel to location B and join network b, the VPN connection resumes. In the journey between A and B, I have disconnected from both networks, and the VPN connection has resumed over cellular, then over wifi at location B.
If I leave location A without the VPN connection active, travel to location B, connect the VPN via cellular, then join network B, the VPN connection does not resume.
In all cases other than the “connect at A, travel to B”, the connection times out.
Other public facing services accessible via the same domain name as my VPN are available on both networks. Changing from UDP to TCP does not fix the issue.
What methods could my workplace be using to block my VPN connection that could produce this behaviour?
I had the same issue at my workplace… suspected clever blocking but it turned out to be MTU was loads lower on my corporate network (think it’s encapsulated and then encapsulated and then encapsulated)…
Test it with loads of ping -f -l values to work out what’s the biggest packet they support then change your ovpn client config to throttle back:
# Sets an upper bound on the size of UDP packets which are sent between OpenVPN peers.
# It's best not to set this parameter unless you know what you're doing. (MTU - 20 IP Header - 8 UDP Header)
link-mtu 1312
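The ping probing suggested in the reply above can be automated. This is an added example, not code from the thread: it binary-searches the largest Don't Fragment echo payload that gets a reply and converts it using the 20-byte IP and 8-byte ICMP/UDP header sizes. It assumes macOS or Linux `ping` (the `ping -f -l` form in the reply is the Windows syntax), that the network passes ICMP echo, and `vpn.example.com` is a placeholder host.

```python
import platform
import subprocess
import sys

IP_HDR, ICMP_HDR, UDP_HDR = 20, 8, 8  # IPv4 header sizes in bytes, no options


def ping_df(host, payload):
    """Send one echo request with Don't Fragment set; True if a reply arrived."""
    if platform.system() == "Darwin":   # macOS: -D sets DF, -t is a timeout in seconds
        cmd = ["ping", "-D", "-s", str(payload), "-c", "1", "-t", "1", host]
    else:                               # Linux iputils: -M do forbids fragmentation
        cmd = ["ping", "-M", "do", "-s", str(payload), "-c", "1", "-W", "1", host]
    done = subprocess.run(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return done.returncode == 0


def largest_payload(probe, lo=0, hi=1472):
    """Binary-search the largest size in [lo, hi] for which probe(size) is True.

    Returns None when even the smallest probe fails (ICMP filtered or host
    down), because then the result says nothing about the MTU."""
    if not probe(lo):
        return None
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if probe(mid):
            lo = mid
        else:
            hi = mid - 1
    return lo


def report(payload):
    """Convert a ping payload size into the path MTU and the UDP payload that fits."""
    path_mtu = payload + IP_HDR + ICMP_HDR
    return {"ping_payload": payload, "path_mtu": path_mtu,
            "max_udp_payload": path_mtu - IP_HDR - UDP_HDR}


def simulated_path(mtu):
    """Constructed stand-in for a network that drops DF packets larger than mtu."""
    return lambda size: size + IP_HDR + ICMP_HDR <= mtu


if __name__ == "__main__":
    host = sys.argv[1] if len(sys.argv) > 1 else "vpn.example.com"  # placeholder host
    best = largest_payload(lambda size: ping_df(host, size))
    print("no echo reply at any size" if best is None else report(best))
```

Running it once on each network and comparing the two `path_mtu` values shows whether the failing network really has the smaller MTU before any client config is changed.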
I have no idea about your main concern, but I have a doubt/test I would try. You mention that if you start your VPN connection on network A, keep the connection alive on mobile data, and connect on network B, the connection stays alive.
Have you tried to initiate the connection on location B through mobile and then switch to network B? I’m just curious. It does not resolve your main question, but I am just curious.
Have you rebooted your computer at location a or b during testing?
It doesn’t make any sense that location B where it’s blocked would allow resuming like that.
What do your openvpn logs show when it’s not working at location b?
Yeah that’s what has me stumped, initiating on mobile data then switching to network B will cause the VPN to fail to reconnect.
Will post some logs tomorrow, but at a glance just connection timeout.
Has been an ongoing issue for about 6 months and the server reboots every day. Android and Mac clients, both have same behaviour, both rebooted somewhere along the way.