Hi List days ago I post "Can't reach some route in Anyconnect? ?http://lists.infradead.org/pipermail/openconnect-devel/2014-March/001759.html and now I finally find out why. in my iptables I have a role to enable udp like this -A INPUT -p udp -m udp --dport 443 -j ACCEPT after I remove this role from the iptables, My problem solved. seems The TCP backup didn?t have the MTU problem. but I already added iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu and even tried? custom-header = "X-DTLS-MTU: 1200" custom-header = "X-CSTP-MTU: 1200?? set mtu = 1200 in config file. nothing helped. So I guess this is a MTU bug on UDP? -- Kevin Sent with Airmail
