I have tried ocserv and it worked quite well. However there are some problems I'd like to report: 1. The manual on the website uses the ??? character instead of ?-?. If configuration is copied from there, it will not work and the error message (like ?config option tcp-port is mandatory?) is not really helpful. 2. MTU of the tun device seems to be 9 bytes larger than it should be. I was not able to browse some https sites, and tcpdump said there are truncated ip packets. After manually setting the MTU 9 bytes smaller, everything worked. The path MTU is 1500. And I have enabled try-mtu-discovery. Anyway, thanks for this work. Yin Guanhao
