App no longer connecting remotely

[Scott F]

About a week ago i noticed that the app seemed to be dropping connection quite a bit when used remotely but if i closed the app and reopened it then it would work again but now remote connection seems to have stopped altogether. If i am connected locally then the app uses the local IP of the miniserver and connects without issue and if i am remote and connect to my home network via my VPN and radius server then again the app works just fine using the local IP of the miniserver but if i do not use the VPN and instead rely on the dynamic DNS service (either my own or the loxone one) then the app on any device will simply say "poor connection" and hang there where i would normally expect it to pop up with the dynamic DNS connection and connect. What is really odd is that this seems to be limited to the app as if i open loxone config and connect remotely then it opens up the dynmaic DNS option to resolve the WAN IP and connects every time. Has anyone else experienced a similar issue and have any ideas what might be causing it? I did contact Loxone support who got back to me within an hour or so but their first request was for user and password credentials if you can believe that!

[Scott F]

I have finally resolved the issue and it appears to be related to MSS clamping. I am not sure if this is specific to the router/firewall that I am using which is a Unifi USG4. A recent update seems to have changed/overwritten config on the router which caused the issue. For some reason with the miniserver access via the app only there seems to be something different in how it is making a connection. Using Loxone Config it connects fine but the app not so there must be something different in how it is establishing a connection between the two. MSS clamping is related to the TCP handshake used for the VPN connection which is why I find it odd that it works in Config and on my own VPN connection but not with the one used in the app. The only way to resolve this is to make settings changes not accessible via the Unifi UI, you need to open a telnet or ssh terminal to the gateway and perform the following config :

configure

set firewall options mss-clamp interface-type all

commit

save

exit

No idea what is different about the app connection that would require this.