Having an issue with many https sites not loading, but the easiest to replicate seems to be assets off https://yescrowd.optus.com.au/.
The yescrowd site itself works but when using the internet through an optus home wireless router assets from / don't load.
* multiple browsers - reset settings and clear all data
* multiple wireless router devices, ac800s & e5186
* both devices firmware are up too date and factory reset multiple times
* all forms of connection, being usb, ethernet and wifi
* multiple sims/accounts (a family members)
* multiple client devices, including windows 10, linux and android
* multiple internet connections, all work correctly to get assets from the site except when using the optus home wireless product, like iinet, telstra, aws, using a command line curl -vo/dev/null '/html/assets/icomoon.ttf' for standardized testing.
* tried multiple sites and as a result different cell tower id's (went driving) to validate it's not localized to a specific tower (we at least towers in my area hurstville).
* with wireshark I can see the issues due to a failure to negotiate during tls negotiations (tried all versions of tls), with the response packets (which are 1508 bytes) aren't being returned and the client keeps resending the same request packet over and over.
* clamping the clients mtu out the interface, including modifying the mss size on the tcp headers all the way down to 1400 from the typical 1460.
The majority of https sites work, but many don't.
I can't confirm if the problems always been happening as I didn't exactly notice 100% what was going on for awhile.
But I would say it's been happening for the past week at least.
Any thoughts on what could be causing this or what to do next to resolve it ?
Solved! Solved: Go to Solution.
the hostname that was filtered out of my previous message was assets from optus.i.lithium.com fail to load when using https.
Just to let everyone know, if your having this issue contact optus support.
They made a "change" and after a factory reset my service is now working 100% with all https sites.