You might try adjusting the TCP-MSS value on the client side and also enable fragmentation before-encryption if there's fragmented packets.
Federico.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: