VPN
podvox23, 2020-08-20 16:50:10

Why doesn't OWA open via L2TP on Mikrotik?

There was one Exchange 2016 server. A second one was brought up and both were joined into a DAG, and a DAG IP was assigned. We have computers that connect to our network via an L2TP+IPsec VPN set up on a Mikrotik hAP ac2. OWA is configured on the Exchange servers.

After the DAG was configured, clients that connect via VPN could no longer open OWA by domain name. In OWAVirtualDirectory, InternalURL/ExternalURL point to the external domain name https://owa.domainname.ru/owa/
OWA opens normally from the external and internal networks, as well as by the DAG IP address. If the VPN is brought up without the Mikrotik, it also opens.

Thus suspicion fell on the Mikrotik. Perhaps the problem arose due to the MTU/MRU values for the L2TP tunnel (they are set to 1379). I added this rule on the Mikrotik, but it did not help:

/ip firewall mangle
add action=change-mss chain=forward new-mss=clamp-to-pmtu out-interface=l2tp-out1 passthrough=yes protocol=tcp tcp-flags=syn tcp-mss=1300-65535


1 answer(s)
akelsey, 2020-08-20
@akelsey

Offhand, I would assume that port 443 is published without specifying the incoming interface. Check there; maybe it NATs itself.
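
One way to check the hypothesis in the answer above, as an added example that is not part of the original thread: this Python sketch reads the text of a RouterOS `/ip firewall nat export` and lists dstnat rules for port 443 that carry no incoming-interface or destination-address matcher, so they would also catch traffic arriving from the VPN. The sample export, the interface name `ether1`, the comments and the address `192.0.2.10` are constructed for illustration.

```python
import shlex

# Matchers that tie a dstnat rule to where a packet arrived or where it was headed.
SCOPING_KEYS = {"in-interface", "in-interface-list", "dst-address",
                "dst-address-list", "dst-address-type"}

# Constructed sample of `/ip firewall nat export` output (not from the thread).
SAMPLE = r"""
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=dst-nat chain=dstnat comment="OWA unscoped" dst-port=443 protocol=tcp \
    to-addresses=192.0.2.10 to-ports=443
add action=dst-nat chain=dstnat comment="OWA scoped" dst-port=443 \
    in-interface=ether1 protocol=tcp to-addresses=192.0.2.10 to-ports=443
"""

def parse_export(text):
    """Yield (section, {key: value}) for each 'add' line of a RouterOS export."""
    section, pending = None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        if line.endswith("\\"):        # export wraps long lines with a trailing backslash
            pending = line[:-1]
            continue
        pending = ""
        if line.startswith("/"):
            section = line
        elif line.startswith("add "):
            tokens = shlex.split(line[4:])   # keeps quoted comments as one token
            yield section, dict(t.split("=", 1) for t in tokens if "=" in t)

def unscoped_dstnat(text, port="443"):
    """Return dstnat rules for `port` that match regardless of ingress interface.

    Only exact ports and comma lists are handled; port ranges are not expanded.
    """
    hits = []
    for section, rule in parse_export(text):
        if section != "/ip firewall nat" or rule.get("chain") != "dstnat":
            continue
        ports = rule.get("dst-port", "").split(",")
        if port in ports and not SCOPING_KEYS & rule.keys():
            hits.append(rule)
    return hits

if __name__ == "__main__":
    for rule in unscoped_dstnat(SAMPLE):
        print("dstnat rule without ingress scoping:", rule)
```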
