Forum Discussion

RoflCopter4's avatar
RoflCopter4
Neighbour
6 months ago

TLS/SSL is broken over WLAN

My wireless connection does not appear to be working. It is very strange. The wired, ethernet connection works without problems. The wlan, though, is having problems on multiple devices, but it isn't...
TELUS_Support's avatar
TELUS_Support
Icon for Official Support Team rankOfficial Support Team
6 months ago

Hi! This suggests the issue is not with the devices themselves, but with how the router handles encrypted traffic over wireless, possibly due to:

Misconfigured MTU or packet fragmentation

Corrupt or failing Wi-Fi firmware in the router

A transparent proxy, firewall, or QoS setting that’s mangling SSL packets

Time sync issues (though you’ve already tried correcting that)

 

Steps to Troubleshoot Further

1. Check MTU (Maximum Transmission Unit) on Wireless

A misconfigured MTU can interfere with SSL handshakes.

On a wireless device, try:

If that fails, try smaller sizes (-s 1400, etc.).

If you're on Windows:

 If pings fail at higher packet sizes, you may need to reduce the MTU setting on your router (often under WAN or Advanced > Network settings) to something like 1400 or 1452.

 

2. Temporarily Disable Router Security Features

Some modern routers have security settings (e.g. “Safe Browsing,” “Parental Controls,” “SPI Firewall”) that can interfere with SSL.

Log into the router admin page

Look for:

DNS filtering or HTTPS inspection

QoS rules

SPI firewall or application-level gateways

Temporarily disable anything related to security or filtering to test.

 

3. Check Router Firmware

A recent update (or a failed/corrupted update) may have broken something.

Look up your router model online to see if others report similar issues.

If possible, rollback or reflash the firmware.

 

4. Try Custom DNS

You mentioned trying different DNS servers, but just to confirm — use 1.1.1.1 (Cloudflare) or 8.8.8.8 (Google).

Some ISPs redirect DNS over Wi-Fi differently than over Ethernet.

 

5. Bypass Router for Testing

To rule out the router:

Tether via a mobile hotspot and check HTTPS on the same device.

Or, if your modem and router are separate, try connecting directly to the modem via Wi-Fi (if possible).

 

6. Log Network Activity

On a desktop/laptop over Wi-Fi, try using:

Wireshark or browser dev tools (Network tab) to capture what’s happening during HTTPS failures.

Look for TLS handshake failure, RST packets, or certificate unknown.

cmd

ping -f -l 1472 google.com

bash

ping google.com -D -s 1472

Related Content