Running tcpdump on both ends, and on the firewall where the tunnel terminates, showed that traffic would flow freely up to the 2,112kb mark; after that you could see packets entering the tunnel at the web server end, but not exiting at the firewall end.

A quick Google and scan through the OpenVPN book pointed at using this command to test the maximum MTU of the tunnel:


So I added this to the tunnel config on the web server end, and restarted the tunnel. Logs reported:

openvpn[8177]: NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.

And a short time later:

openvpn[8177]: NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1557,1445] remote->local=[1557,1557]
openvpn[8177]: NOTE: This connection is unable to accomodate a UDP packet size of 1557. Consider using --fragment or --mssfix options as a workaround.

So I took the advice of the computer, and added those 2 configuration options to the config file:

fragment 1400

Now my tunnel works perfectly again :)
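
To pull the result of the empirical MTU test out of a log automatically, the sketch below parses the "Empirical MTU test completed" line shown above and reports which direction fell short. It is an added example, not part of the original post or of OpenVPN; the function names are made up for illustration, and the rule that a fragment value should not exceed the smallest Actual size is an assumption.

```python
import re

# Matches the summary line OpenVPN logs when the empirical MTU test finishes.
MTU_RE = re.compile(
    r"Empirical MTU test completed \[Tried,Actual\] "
    r"local->remote=\[(\d+),(\d+)\] remote->local=\[(\d+),(\d+)\]"
)

# Log lines copied from the post above.
SAMPLE_LOG = """\
openvpn[8177]: NOTE: Beginning empirical MTU test -- results should be available in 3 to 4 minutes.
openvpn[8177]: NOTE: Empirical MTU test completed [Tried,Actual] local->remote=[1557,1445] remote->local=[1557,1557]
"""


def parse_mtu_test(log_text):
    """Return per-direction (tried, actual) sizes from the last completed test, or None."""
    matches = MTU_RE.findall(log_text)
    if not matches:
        return None
    lr_tried, lr_actual, rl_tried, rl_actual = map(int, matches[-1])
    return {
        "local->remote": (lr_tried, lr_actual),
        "remote->local": (rl_tried, rl_actual),
    }


def constrained_directions(result):
    """Directions where the path delivered less than the size that was tried."""
    return [d for d, (tried, actual) in result.items() if actual < tried]


def fragment_fits(result, fragment_value):
    """Assumption: a safe fragment value is no larger than the smallest Actual size."""
    return fragment_value <= min(actual for _, actual in result.values())


if __name__ == "__main__":
    result = parse_mtu_test(SAMPLE_LOG)
    if result is None:
        raise SystemExit("no completed MTU test found in log")
    for direction in constrained_directions(result):
        tried, actual = result[direction]
        print(f"{direction}: tried {tried}, only {actual} got through")
    print("fragment 1400 fits:", fragment_fits(result, 1400))
```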