Thanks, Nick.

MTU issues should affect all files, not just small like you say.

BTW, why do you have "reneg-sec 28800"? Is that a SWEET32 mitigation? If so, current server and client software is not vulnerable.

I had password prompts every hour on old openVPN desktop client - that's why I added it. Not sure if it's needed for openVPN GUI which I'm using now. This shouldn't affect performance though.