Sounds like MTU problems... We had to set PMTU on our gateways to help with the process.
https://www.linuxtopia.org/Linux_Firewall_iptables/x4700.html Feedback is welcome, interested if this could be the problem. Kevin 2018-07-20 17:51 GMT+02:00 Ahammerl <ahamm...@googlemail.com>: > Hi, > > Connecting via Strongswan VPN, using XAuth PSK, I have troubles visiting > some websites (which don't seem to be blocking any IP in general). Could > there be an issue with the route containing virtual host hops which are not > available with all ISPs? > > In my test, I connect one time to the VPN with telekom ISP, another time > with a regional ISP. both connect well without problems and can visit most > websites incl. google, whatsmyip.com etc. properly, which confirms the > VPN IP with success. > However, trying to visit e.g. www.ip8.com, the 2nd connection is failing. > > For comparison, with OpenVPN on the same server, it's working with both > ISPs OK, visiting ip8.com without troubles. With Strongswan VPN as > alternative, it fails to connect with the 2nd. > Next, I compared the route with traceroute and mtr via Strongswan VPN. > This looks OK and it's the same route as I have when trying to connect from > the VPN server itself to the website. > > Is there a known issue or do you have a hint how to resolve this by > configuration changes, if possible..? > > Thank you! >