Question

Unable to use T-Mobile Home Internet with work VPN, any suggestions?


Userlevel 2
Badge

I’ve recently been told by work Information Services that I cannot use my work laptop with T-Mobile Home Internet.   Here is there response to my support request.

 

T-Mobile's primary service called "5G Broadband" is not true wire-to-site broadband.  While Cisco AnyConnect can work over 5G and other wireless connections, MTS does not recommend its usage unless absolutely necessary, and if you utilize a phone line such as Cisco Jabber call quality cannot be guaranteed.

The issue is that while 5G can provide broadband level speeds and bandwidth wireless solutions, such as 5G, have a higher tolerance for "packet loss."  Packet loss is when individual pieces of data are dropped/lost during transmission.  For most applications this is a minimal issue that 5G speeds may render unnoticeable, but a live connection, such as the AnyConnect VPN or Voice Over IP phone services, will experience connection degradation or be completely disconnected forcing you to reconnect.

This is not an issue MTS can mitigate.  For this reason the only recommended Internet service types are fully wired based connections including DSL, Broadband, Cable, and Fiber Optic services.

 

Does anyone have a suggestion on a way to work around this issue?  It does not need to be perfect, but being able to work from home is essential, and if I can’t use TMHI to do that… it would be a deal-breaker for me.


115 replies

Userlevel 2

Hi Everyone, 

This is something I posted in another T-Mobile forum a while back. After putting some research into this, I believe I have found a solution (at least one that worked for me).

PLEASE NOTE: PART OF MY SOLUTION IS USING MY OWN WIRELESS ROUTER ATTACHED VIA ETHERNET CABLE TO THE BACK OF MY HOTSPOT MODEM. THE INSTRUCTIONS I LEFT BELOW WILL NOT BE OF MUCH USE TO YOU IF YOU ARE NOT USING A WIRELESS ROUTER.

This does not require much tech-savviness as I found what I needed from a YouTube video and a little googling on how to access the settings I needed, which I’ll post a link to at the end of this. Basically, it’s the MTU (Maximum Transmission Unit) settings that T-Mobile uses. You don’t really have to know much about this other than how to find out how to change it, either on your computer or on your wireless router (if using a wireless connection). 

Most internet providers set their MTU size at 1500. This is more-or-less a standard most in the industry follow. From what I found, T-Mobile sets their MTU size at 1450. I’m not going to go into explanation on how this works; just know this is the problem. This tiny difference seems inconsequential, but can make or break your VPN connection. Unfortunately, it’s on us as the customers to find our own solution(s) to this problem. 

This YouTube link gave me the information on how to check my MTU settings and change them on a Windows PC. This is a solution specifically for if you want to only change the MTU Size on individual PC’s in your home. Ultimately, I did not change my MTU Size on my laptop, but the part of the video that helped me find the MTU Size was key to figuring this whole thing out. The link will take you directly a few seconds right before the spot you need to pay attention at begins:

 

 


I’m not a Mac user and am not experienced with using them, but this is a link for all y’all Apple fanatics that I found while I was searching for a reason for this problem. It was the first article I came across that set me on the path to figuring out how to change my MTU setting. Hope it helps:

https://amithkumarg.medium.com/resolved-t-mobile-home-internet-vpn-issue-2f5ca594c23e

And, lastly, I use a TP-Link Wireless router. This link is for TP-Link device owners and shows you how to change the MTU Size. There’s no way I can find links to all the different types out there. However every brand’s settings are easily searched on Google, so good hunting to you and good luck: 

https://www.tp-link.com/us/support/faq/1134/

I hope this helps some people. My issue is (self)resolved. 

Userlevel 1

This exact same thing happened to me out of nowhere today; I’ve had everything working flawlessly since I switched to tmobile over a month ago from xfinity and now it will not accept my work’s vpn. I will cancel my service immediately if this cannot be fixed; this can cost me my job.

Userlevel 2

This is insanely frustrating. I can’t do half my job unless I sit in a cafe with broadband access or work from a friend’s house. But the part that is infuriating is every time I call T-Mobile, I get different answers from different people. Call 1: “Can’t do anything for ya. Sorry.” Call 2: “We can get you to a higher tier of support who will be able to help if you can get us your VPN Settings from your IT Department.” Call 3: “None of what call 2 is true. Sorry to say it, but they lied to you. There is no higher tier of support.”

I bet if I called a 4th time, I’d get another completely different answer. I had this totally fixed by changing the MTU size on my router and now, even changing it directly on my laptop makes NO difference. There really needs to be a fix for this. If I had access to any other ISP that wasn’t worse than this, I’d drop this service instantly. Unfortunately, I’m stuck since I live in a rural area. I’ll stop complaining now. 

Userlevel 1

My company uses Cisco AnyConnect VPN. I’ve been having all the same issues mentioned in this thread and gone down the IT rabbit hole trying to remedy this issue. Finally found a knowledgeable T-Mobile technician that explained if personal or work VPN or systems are operating on IPv4 then you need to go into your T-Mobile home internet app > select network > click “+” to add network > name network > create password > select 2.4 GHz band > select WPA/WPA2 > WPA “TKIP & AES” > then save the new network and connect. Worked out my VPN issues and my security cameras are working now.  

Userlevel 1

[...] Worked out my VPN issues and my security cameras are working now.  

@AJ1234 My wife and I use company VPNs and they seemed to stop working the weekend of Jan 20, 2024. Is that when you started having problems?

My Ring cameras seemed to have stopped communicating with the mother ship, but Alexa appears to be up and running. I was already using the 2.4GHz band, but I didn’t check the WPA settings. I’ll try again next time I’m up there.

I’m in a rural area (Pine, AZ) and their aren’t many options, so fixing this is critical for us to WFH. My VPN connected fine (more-or-less) to company resources, but I couldn’t get to Google Drive. My wife’s VPN had troubles using Teams and couldn’t connect to a cloud app (website) she relies on.

Frustrating. 100% agree with @Homerthefox that it’s deceptive to market this as broadband alternative when so many people rely on WFH.

Userlevel 2

Wanted to post an update. Unfortunately, earlier today, my VPN issues returned. I have no idea what happened. I have tried everything I can think of and have even lowered my MTU size to the lowest setting and am still not able to connect to most apps while on my VPN. I apologize if you try my solution and it doesn’t work for you. Was working perfectly at 1450 MTU until midday today. Hoping it’s just an intermittent thing, but still wanted to post here. 

My company uses Cisco AnyConnect VPN. I’ve been having all the same issues mentioned in this thread and gone down the IT rabbit hole trying to remedy this issue. Finally found a knowledgeable T-Mobile technician that explained if personal or work VPN or systems are operating on IPv4 then you need to go into your T-Mobile home internet app > select network > click “+” to add network > name network > create password > select 2.4 GHz band > select WPA/WPA2 > WPA “TKIP & AES” > then save the new network and connect. Worked out my VPN issues and my security cameras are working now.  

THANK YOU!!! My company uses the same VPN and it worked perfectly until Monday, 1/22, probably the same change you experienced. I followed your guidance and it works perfectly. I’m back to the same full speed I had previously, maybe even faster, and now I have a second home network dedicated to work from home. 

Sadly, this fix lasted about 45 minutes. After that, and then after an hour on the phone with TM help desk it has been escalated.

Userlevel 1

I’m glad I’m not alone in this boat. For me, this started Friday morning 0830 19Jan2024. I have used this service with Cisco Anyconnect and a Meraki z3 for over a year and a half. I have been a Tmobile home internet customer for over 2 years.  Its pretty much my only option. 

If you’re told by T mobile to call your company’s help desk. You can, but they’ll be stumped, all the way up to the network engineers.

For context, I’m Tier 2 Help Desk for a hospital network with 25,000 users and I’ve used Tmobile home internet exclusively for over a year and a half.  

 

I started having this problem on 19Jan as I use a Meraki Z3 to connect to my work network, with Cisco Anyconnect as a backup VPN.  I know there are threads 2 years old about Tmobile having issues with the Meraki but I personally have not. And I had used it for a year and a half with rarely a hick-up. Everything came to a screeching halt at about 0830 Friday morning.  I excused myself from my job to power cycle my devices, thinking Tmobile was slow and power cycle to a new IP. No dice. I lost ALL Meraki connection. Yet the Meraki light showed it was connected.  I switched over to my home wifi and connected to Cisco Anyconnect, but the connection was slow. Roughly 10/2 as opposed to 60/10 outside of VPN. I disconnected from wifi and plugged a direct network cable in. NO connection. I overnighted a network cable from Amazon (I needed a 20 ft). Still NOTHING with a wired connection.  

 

I then placed a warranty claim on my gateway as it was the old 4g white router. Tmobile overnighted a Nokia (trashcan) 5g router.  STILL no wired connection.  And slow wifi with VPN. By this time I had researched reddit and forums and all were coming down to the conclusion with IPv4  vs IPv6 address conflicts. 100% on Tmobile’s side.  But no one at their help desk knew what the heck I was talking about. If I could see their faces, they would probably look at me like I was crazy. I broke out knowledge and experience, and I was shut down like I was speaking a foreign language. 

The guru on my ITS network team in charge of the Meraki Z3 routers mentioned that send and receive are being sent on entirely different ports and the ‘receive’ ports are changing, leading to time outs and bad connections. 

This also affects security cameras like Ring and VOIP phone services.  This will affect a lot of work from home people that talk on a virtual phone like Cisco Jabber or a Cisco IP desk phone.  

 

This is a SERIOUS issue that is going to drive a lot of people to change service as they can no longer use it for a TRUSTED work from home internet connection.  I do hope T mobile scrapes these forums for ideas and user feedback. If not, a lot of people are going to find alternatives; or lose their jobs. 

Personally, like others; I will be spending the weekend searching for another work alternative. My only other option is US Cellular’s home internet. And I’m not impressed with their ping times. If ping times are like my phone (150ms), it won’t even do a Zoom meeting. 

Tmobile was the golden goose that allowed me to live my rural country life while still having a taste of modern internet.  This is no longer the case when it comes to my job security. 

Userlevel 1

Same here... T-Mobile for sure did something on the back end of their network 3 days ago that has rendered my Cisco Anyconnect unusable for internal Networked applications. I did some testing of my own this evening and what worked for me was disabling IPV6 on my external router. I had IPV6 pass through enabled for the last 2 years and had zero issues. Once disabled, It made my overall connection seem more snappier as well. Also I would highly recommend changing the DNS to Cloudflare.

 

My guess is with announcing this 1.2TB throttle a few days ago, they are doing everything in their power to crack down on individuals that abuse their Network. It’s unfortunate that people like ourselves have to suffer at the expense of those individuals.  Hope this helps….

If their intention is to crack down on individuals that abuse their network, blanket banning VPNs isn’t the solution. Example; My work VPN uses about 18gb a month. I, on the other hand with streaming services, downloading games on steam, 4k youtube; I use WAY more data than my work allotment does. I think I hit 900gb one month because a gaming hard drive failed and I had to redownload everything. But if my VPN doesn’t handshake properly, its slapped in the face and denied. 

IMO, this was a bad business choice to eliminate VPNS, to avoid IPv4 support and provide even more of a worse tech support.  I work tier 2 tech support. Every time I call tmobile, they seem like nice people, but the tech part of the interview was waved. 

Userlevel 1

Just to note on this thread in case anyone at T-Mobile is curious, I have GlobalConnect by Palo Alto Networks and this did NOT fix my issue at all.

Same here... T-Mobile for sure did something on the back end of their network 3 days ago that has rendered my Cisco Anyconnect unusable for internal Networked applications. I did some testing of my own this evening and what worked for me was disabling IPV6 on my external router. I had IPV6 pass through enabled for the last 2 years and had zero issues. Once disabled, It made my overall connection seem more snappier as well. Also I would highly recommend changing the DNS to Cloudflare.

 

My guess is with announcing this 1.2TB throttle a few days ago, they are doing everything in their power to crack down on individuals that abuse their Network. It’s unfortunate that people like ourselves have to suffer at the expense of those individuals.  Hope this helps….

I have resolved my issue with not being able to connect to my work VPN working from home……VERIZON FIOS!!!

Userlevel 1

After an hour of going back and forth with Customer service reps and technicians, they gave me this solution.

T-Mobile home internet app > select network > click “+” to add network > name network > create password > select 2.4 GHz band > select WPA/WPA2 > WPA “TKIP & AES” > then save the new network and connect.

The thing is it works but lagging like crazy, can't don't anything. I use Cisco AnyConnect as a requirement from the company and it has been a disaster since I switched from Spectrum to T-Mobile home Internet since the first week of February. Even after this thread, it seems like they still haven't come up with any better solution. I missed my Teams meetings and deadlines while I am working from home. I am on the brink of losing my job. I will wait until this weekend and if it doesn't work out, might as well get Spectrum back. Very frustrating.


I tried this and it does not work for me.  My OpenVPN VPN connection still does not work.  With my other ISP VPN works fine.  It worked fine with T-Mobile Home Internet with the Sagemcom gateway a few weeks ago.  I assume it’s the 1.2AC firmware update that broken VPN.

Ran into the same issue today (Cisco AnyConnect VPN wasn’t working) and ran across this forum post. Called into TMobile internet tech support and spoke to someone who was knowlegeable about the issue. He said that this was a known issue for the Sagemcom manufactured routers but not for any other manufacturer. The only ones that he could order to ship to me as an exchange were the same manufacturer, but fortunately a TMobile store near me had a Nokia one that they were able to exchange super fast (I still had the original box for my non-working one). Got the Nokia one set up and successfully connected to my VPN!

No doubt T-Mobile reads these threads and fixed it so that you can't use VPN. I too was taken a back by this inability to access VPN, rendering working from home - something that 80  percent of the work force is doing these days shocking.  Ill give you in non technical terms what was explained to me..as to why they don't allow it...the towers can't handle that amount of traffic or data moving through the air ..or some garbage along those lines.  I live in a rural area. The closest tower is less the two miles away and the signal to my house sucks. The plan offered to me originally for switching was then retracted and I was told that plan isn't offered in my area. So the cost for service doubled and the data speed became limited.  And then to find out no VPN?  Not a happy camper. I've been a t mobile cell phone user for 12 years and stuck with them while they got their together. Customer service has always been very good. But this experience of being misled and misinformed  has really soured me.  Great concept - but poor execution and would not recommend their home Internet.   

Been using TM 5g home internet for work for the past few months. Logged out last Friday without any issues to speak of. On Monday morning, my services were inop. My work computer showed connected, as did the TM app. After a few days of speaking with my companies IT dept, they informed me the issue is with my ISP. I called TM tech support to see if they had any information to provide. The tech i spoke with was super nice and sounded knowledgeable. He said as of Monday they’d started receiving an influx of calls with this exact issue. He said they are working on a solution, but could not provide a timeline. In the meantime, I’m completely unable to work. If TM cannot get this fiugred out in the next 48 hours, I’ll be forced to switch providers.

 

All of this is really unfortunate because I’ve been a champion of TM 5G. I now look like a donkey to the folks I’ve been telling all these great things. Fingers crossed they come through.

Userlevel 1

I was told as well they are working on it. I have perfect working Internet for everything but VPN for work. Any application that requires VPN (so basically all my work needs) won't stay working for more than 10 min. I have to reboot the computer, gateway, reconnect, and all that for 5-10 min. It's been like this most of the week but completely awful 1/24-1/26.

Really like this service and company, have phones with them and own stock in the company. If they cant fix this soon I'll have to rethink all that and go back to ATT, or worse Xfinity (barf). 

PLEASE DONT MAKE ME DO THAT………...PLEASE

I can’t believe T-Mobile support just flat out told me that their internet service is incompatible with a VPN! How can they advertise that I can use this for work at home with multiple high speed streams, but just conveniently neglect to let me know I can’t use a VPN! No suggestions for solutions, he just offered to cancel my service immediately!

Just to note on this thread in case anyone at T-Mobile is curious, I have GlobalConnect by Palo Alto Networks and this did NOT fix my issue at all.

Same. 

 

Ive called in twice trying to get some kind of resolution and in both cases were told I should try contacting my works help desk.…

 

Will be spending my weekend shopping new ISPs I guess.

Userlevel 5
Badge +8

@Althius your predicament is a mandate from your employer. You might give TM Home Internet customer service a call and ask them if they have any software solutions for your workplace requirement. Or, ask them to pay for the acceptable service they require (employer requirements are usually paid for by the employer). 

I hope this helps. 

Userlevel 1

If you have t-mobile for your phone you can turn it into a hotspot if you have unlimited data. Ive been working like that, ironically the hotspot works just fine and is faster. kind of amazing.

I tried that last Friday (Jan 19) and it still didn’t work. I’ve picked up a new LTE router from a local vendor, it works good at my home in Scottsdale, no VPN issues. Will be trying it out in Pine tomorrow. It’s got an AT&T SIM. The router is a Cudy AC1200 if anyone is interested. It’s 4G, but I don’t think I was getting true 5G speeds from TMobile anyway.

My wife and I need to do video conferencing, and we watch streaming content on just one Roku TV, so we really don’t need a ton of bandwidth.

Also, I have an Ambient Weather station, and it has never connected with the TMHI. It only works on a 2.4GHz WIFI band, and as you probably know, the TMHI will only broadcast on EITHER 2.4 or 5GHz, not both like most home routers. Even on the 2.4GHz band, it wouldn’t recognize the internet from the TMobile cellular network.

I have a very short window to return the LTE router if I want to go back to TMobile. But even if TM gets things fixed up by tomorrow, they may have already lost my trust. As many have said… VPN is critical for my wife and I to work from home. It’s non-negotiable.

I had issues and was told it was because of the TM router not allowing static ips.  I now use my own router and I have not had any issues.

Badge

I got the the white device, the 

https://www.t-mobile.com/support/home-internet/5g-gateway-g4ar

That didn’t solve my VPN Issue. My work uses Cisco-Meraki

Any ideas?

 

Userlevel 1

My company uses Cisco AnyConnect VPN. I’ve been having all the same issues mentioned in this thread and gone down the IT rabbit hole trying to remedy this issue. Finally found a knowledgeable T-Mobile technician that explained if personal or work VPN or systems are operating on IPv4 then you need to go into your T-Mobile home internet app > select network > click “+” to add network > name network > create password > select 2.4 GHz band > select WPA/WPA2 > WPA “TKIP & AES” > then save the new network and connect. Worked out my VPN issues and my security cameras are working now.  

THANK YOU!!! My company uses the same VPN and it worked perfectly until Monday, 1/22, probably the same change you experienced. I followed your guidance and it works perfectly. I’m back to the same full speed I had previously, maybe even faster, and now I have a second home network dedicated to work from home. 

Sadly, this fix lasted about 45 minutes. After that, and then after an hour on the phone with TM help desk it has been escalated.

I really hope its been escalated. From other threads I’ve read, escalation doesn’t exist and its smoke blown up your…. 

I got it resolved by swapping out the Sagemcom and getting the Arcadyan device. Based on the timing of the other comments it seems like it was the latest firmware update that broke all VPN access. My tech support was clueless about the issue, she just said “oh yeah VPN doesn’t work at all.” I told her it was working for 6 months without issue and she had nothing to say to that. Thankfully I found this thread about trying a different manufacturer. So far the Arcadyan is working but its like 30% slower. We’ll see how long this lasts before they push out another destructive update.

We use GlobalProtect and the MTU adjustment was only a temporary fix because every time I reconnected to the VPN the MTU reset itself to 1400. Need admin level to change the MTU so I couldn’t do that every single time. Another work around was attaching a router to the gateway and changing the MTU in the router settings. Even though it connected, it was constantly briefly disconnecting so my large data files kept failing to transfer. If you can deal with these problems then the swap may not be necessary for you.

Reply