MTU problems are not unheard of; it's one of the things you always check for when you have this type of network problem. Especially when you're running jumbo frames, which used to be quite troublesome when the technology was new.
Another thing to check for is funny-looking TCP flags. Some firewalls tend to drop such traffic, and it may not end up in the logs you usually check.
That's why the first thing you do when one connection works and one doesn't is to tcpdump them and compare. Just last week I had one application which ran ssl directly and in another environment it did a starttls-type thing just because of the underlying libraries.
It was immediately obvious from looking at it, but it would have been terribly difficult to guess. Don't start with Sherlockian reasoning, start by getting all the data.
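An added example, not part of the comment above: one way to make the "direct SSL versus STARTTLS-type upgrade" difference visible once the client-to-server payloads have been pulled out of each capture. The function names, the sample byte strings and the SMTP-style plaintext commands are assumptions constructed for illustration.

```python
# Added example: classify how a client starts its session, given the
# client-to-server TCP payloads of one flow in capture order.

TLS_HANDSHAKE = 0x16      # TLS record content type for handshake messages
MAX_RECORD_LEN = 16384    # largest plaintext TLS record body (2^14)


def is_tls_record(payload):
    """True if payload begins with a plausible TLS handshake record header."""
    if len(payload) < 5:
        return False
    content_type, major, minor = payload[0], payload[1], payload[2]
    length = int.from_bytes(payload[3:5], "big")
    return (content_type == TLS_HANDSHAKE and major == 3 and minor <= 4
            and 0 < length <= MAX_RECORD_LEN)


def classify(client_payloads):
    """Return 'implicit-tls', 'starttls-upgrade', 'plaintext' or 'empty'."""
    if not client_payloads:
        return "empty"
    for index, payload in enumerate(client_payloads):
        if is_tls_record(payload):
            # TLS in the very first payload means the client ran TLS directly;
            # TLS after cleartext means it upgraded mid-connection.
            return "implicit-tls" if index == 0 else "starttls-upgrade"
    return "plaintext"


def compare(flows):
    """Map each named flow to its classification for side-by-side review."""
    return {name: classify(payloads) for name, payloads in flows.items()}


# Constructed sample data: a truncated ClientHello record (header + 5 bytes).
CLIENT_HELLO = bytes([0x16, 0x03, 0x01, 0x00, 0x05]) + b"\x01\x00\x00\x01\x00"

SAMPLE_FLOWS = {
    "env_a": [CLIENT_HELLO],
    "env_b": [b"EHLO client.example\r\n", b"STARTTLS\r\n", CLIENT_HELLO],
}

if __name__ == "__main__":
    for name, result in compare(SAMPLE_FLOWS).items():
        print(name, result)
```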