VPN issues

I just got the same message sent to me as Josh123. I’m in IT and work for a large company and troubleshooted the issue with our engineers for a few hours to figure out this is on the T-Mobile side. We are all amazed that they can’t support and won’t support ipv4 and what is more troubling is that they actually give you an ipv4 address for your external gateway which is the same thing Comcast and I’m guessing others are doing. So it makes no sense. The speeds have been awesome as we are less that 5,000 feet from the tower. Everything works great except the most import thing which is being able to use my VPN client. We use Global Protect by PaloAlto.

Same issue over here… on a Nokia 5g Gray. Coworker on the 4g White reported same issue after a firmware update was pushed. IPSec VPN is not working over Tmo home internet. I tried both work and home. PPTP oddly enough worked, but that's not a reasonable solution nor is it secure. I really doubt anyone’s employer is going to re-architect their infrastructure for dual stack VPN for a single or a hand full of employees. Same VPN’s work when connected via TMO hotspot on my cell… so I am not sure why they are blocking it. No options in the web console. Not very happy… Hell, charge me $5 more a month to make it work… Looks like TMO was not the escape plan I had hoped for getting away from comcast.

Seems to be a recurring theme.

I’m having the same issue here. 

Using my old internet connection, I have no issues. The moment I switch over to T-Mobile Home Internet, I can’t login to the VPN.

Any ideas?

Mine was just the MTU issue, was able to resolve it by lowering the number. If this blog can be helpful for anyone to troubleshoot and resolve the issue:
https://amithkumarg.medium.com/resolved-t-mobile-home-internet-vpn-issue-2f5ca594c23e

I’m having the same issues with connecting to my wife’s company’s VPN.  I thought I’d be able to get away from Spectrum, but T-Mobile doesn’t like like a viable solution - despite significant efforts on my part to make it work.

About three weeks ago, I tried connecting to T-Mobile. Initial attempts in connecting to T-Mobile weren’t good – and I was only able to achieve download speeds of 15 mbps.  I called their technical support and found they were having tower/equipment issues - and had been for about 3 weeks - with no anticipated date for repair.  I put back the Spectrum service and told them I’d try it again when they had their equipment issues fixed.

ON 2/1, I re-installed the T-Mobile Gateway equipment - NOKIA 5G21 GATEWAY: T-MOBILE HOME INTERNET and connected T-Mobile Gateway via Cat 5 ethernet directly to my TP-Link Archer AX11000 wireless router.  I did repeated internet bandwidth testing using Speedtest - both through my computer’s Chrome browser, and through the TP-link app - directly from the wireless router.   I wasn’t having any issues with any of my internet-based usage and needs -   achieving download speed ranging on the low-end from 50 Mbps to 110 Mbps. We can stream 4K programming to our TV’s, monitor outdoor 1080p security cameras, conduct video conferences, and all of the normal data applications and downloads. 

Using a Cisco AnyConnect VPN is a WHOLE DIFFERENT STORY.  It DOESN’T WORK with T-Mobile. As soon as I connect to the VPN, my internet speed/bandwdth is non-existent and I can’t access any of the company systems.  Beginning on Friday, I spent two days troubleshooting the issue.  In every case, I would have connection bandwidth speeds between 50 Mbps to 110 Mbps on all of my devices - including the computer I need to connect to the VPN.  With my first attempt, I used Speedtest on two successive runs, with upload speeds were 15 and download speeds were 49 and 72.  Next, I successfully connected to the company VPN  (IPsec) IPv4) , ran Speedtest, and received 10 down and 1 up, and then 6 down and 10 up.  I simultaneously ran the TP-Link Speedtest app and received 86 down and 7 up.  I disconnected from the company VPN, and recorded speeds of 70 Mbps. 

Later on in the evening, we ran more comparative tests and the results were even more disconcerting.  The T-Mobile speeds in general were lower – averaging about 50 down and 8 up – as measured both on my wife’s computer through her Chrome browser using Speedtest prior to VPN connection and independently on my TP app also using Speedtest.  However, once connected to the VPN, opening the Chrome browser and attempting to run Speedtest, I couldn’t even get the Speedtest to run – receiving “Download Test Error”. 

The company’s IT Director took the computer home over the weekend to troubleshoot it in his home environment with Spectrum.  He had no problem connecting through the VPN, and recorded speeds in excess of 70Mbps.

This evening, I again attempted to connect to the VPN, and had the same results.  After a 2 hour wait to get T-Mobile support, I had a nice support rep who simply took down my information, created a trouble ticket, and said someone will get back to my in 24 - 48 hours.  After reading all of the other people who are having the same issues, and having no addressable solution, I placed an order for Spectrum to have my service restored.

This is the response I got back from them….“This is the workaround engineering has provided to us. We only use IPv6. This is a known pain point that is currently under review. There currently is nothing to escalate”

Some troubleshooting info for folks: I had to swap from WireGuard to OpenVPN, had to swap from a UDP to a TCP connection type and I was able to get my VPN to function.

I too am having this issue with the Grey T-Mobile Gateway and GlobalProtect. I live out in the middle of nowhere so we don’t have any other real high speed options by any definition of the word. It is very unfortunate that when I finally sign up for a real high speed option, it doesn’t work with my company’s VPN. My company won’t change anything since I am 1 case in about 8000 employees so I hope there will be a fix soon from T-Mobile.

Honestly though, I can’t imagine their QA team did enough testing before releasing this product. They have to have known that people would intend to work on this network through a VPN. 

I’m extremely disappointed that T-Mobile does not publish a list of incompatible VPN devices. This country is working from home, many with VPN devices. I have been on several long waits and calls only to find out T-Mobile does not support the Cisco Meraki VPN. My company’s IT team has had similar issues with other carriers but resolved it with getting a static IP Address assigned. This is not an option from T-Mobile. My company will now inform new employees which carriers to use, I guess some will be blacklisted. What are the chances T-Mobile will notify me IF this problem is resolved before I return to my ISP that just buried fiber in my street? Aside from this, the 5G home router works excellent for all my other connected devices.

Been fighting this issue for a couple of months. On my windows 10 laptop connected to Cisco Anyconnect VPN I had the IT administrator reduce my MTU to 1350 via this command

netsh interface ipv4 set subinterface “Network Name” mtu=1350 store=persistent 

substitute Network Name with your whatever your actual connection in.  Mine was Ethernet 2.

It worked.  I’m connected to VPN and have blazing speed.

I have had the T-Mobile Home Internet Service for about 2 months now and have been fighting non-stop with the VPN issues. I use Cisco AnyConnect for my work and constantly have issues with applications needed for work, mostly Microsoft Teams. When NOT connected to the VPN my download is about 75mbps and upload about 25mbps, all very good numbers. However, once connected to Cisco AnyConnect those numbers come down to almost a crashing halt of 2.5mbps down and 2.0mbps up… it is absolutely awful and quite honestly embarrassing because I have to be on Microsoft Teams all day including conferences.

I’ve talked to the tech support and it was elevated to a second tier, but that resulted in no solution. Their belief is that the VPN was the problem and that I needed to speak with my employer’s IT department about it… so I did. I opened up various tickets through my employer and went in to the office so they could do additional diagnosing. They could not find anything wrong, in fact, had me log in to the VPN via their network and it worked just fine. 

I have starlink service on order and hope to have it here in a month. Ideally for the cost and what I anticipated being great performance by T-Mobile, I would prefer to keep T-Mobile. However, I simply CANNOT wait much longer especially if the company appears to be denying even an issue.

Hope T-Mobile comes to the rescue.