T-Mobile Home Internet & GlobalProtect VPN | Resolution

  • 5 June 2021
  • 8 replies
  • 249 views

Badge

If you have a VPN issue, specifically GlobalProtect, I think I found a fix that has been working for me with T-Mobile Home Internet.

Tldr; Set your T-Mobile Home Internet  Wi-Fi Network name to automatically connect (so it connects when you turn on your PC) and under properties change the Network profile from Public to Private – viola. GlobalProtect VPN now works for me, so I can now assess whether I will keep Comcast or T-Mobile. Decisions lol

Background: My current provider was Comcast and my rate is $50 with “Promo”, ebill, and Autopay for their Blast! Service. I use my own equipment (Moto modem, eero Wi-Fi 6 router) – no issues. The agony/anxiety of having to call them every year when your promo ends and your bill goes up, you threaten to leave, they say they have the same price but for lower speeds, you don’t accept, then eventually they keep you at the same rate and speed – after several years of this same rodeo it is annoying.

Present: It’s my 3rd day of having T-Mobile Home Internet. With Comcast I was getting anywhere from 200 -300 Mbps. I get the same or better speeds with T-Mobile, hitting as high as 465 Mbps and 30 on Upload. In short, the speeds at their lowest thus far, have been the same or better. I appear to be on Band 66 which gets me the best speeds in my location and Band 2 still fast but I do see a speed decrease. Unsure if/how the Primary/Secondary connection are at play and if I’m taking advantage of 5G. The first evening was cool, until the next morning I tried to connect to my work VPN and couldn’t. When I called that second day, the rep opened a ticket to backdate my software to .0168 stating this was a temp fix for VPN issues – well later that day I noticed the firmware version dropped – so I tested with Ethernet cord and it still did not work. I tried 3 resets, rebooting and searching online for self-service to update my firmware – no dice- faux pas – had to call back in to request they update to latest firmware as speeds were still good but I noticed a difference in the firmware versions. At this time, still waiting for the “push” smh to go back to .0178.

In the past, with Comcast, I did not want to run an Ethernet cord so I would use my Wi-Fi seldomly– I could always connect to the VPN but if I could access the sites was hit or miss, then magically I plug in the dumb Ethernet cord and it works. So, I did the same with T-Mobile, read all the forum thread post on possible causes and fixes. Well accessing the MTU or Ports or whatever else is not something I could do, nor do I think it should even be this difficult between IpV6 and 4 – if 6 is the future then let it be! Anyways, so I was contemplating a return because if I can’t use the VPN whose gonna pay my bill?

Based on what I have read, unsure if it’s the VPN provider, your companies own IT limitations protocols, the type of Internet connection required for the VPN to function, it seems like all are valid depending on your VPN, settings, and the ISP provider.

So anyways, I really would love to have 1 bill and get rid of Comcast. So, because of the error or patch issue I would get if I turn on my work PC and it is not connected to an Internet source (Ethernet or Wi-Fi) it gives an error. I used to manually connect to Wi-Fi because when we changed VPN’s it was hit or miss, so I changed it to Automatic connect to network. GlobalConnect logs in but I can’t access data or my work sites, or even Google.com, I can open Outlook though lol -so I had an epiphany.

I changed the setting, so it connects automatically AND I went into properties under the network name and changed the Network profile from Public to Private – then magically everything worked just fine!  Smh – so is this the missing link with GlobalProtect VPN? Or my companies IT protocol for Wi-Fi? Either way 3 reboots later, I’ve tested, and all is well, so glad I don’t potentially have to cancel T-Mobile Home Internet, or run an Ethernet cord in my home just to work – will continue to test.

Now My Comcast ping ~10, with T-Mobile its ~25-45 – not a gamer so it doesn’t concern me. I noticed when I do a speedtest on my work PC connected to VPN(via Wi-Fi of course) the ping was 54 and Dl was ~60-75 Mpbs – versus my personal PC on the same network was 27 ping and 399 - 465 Mbps down LOL . I have not and will not try Ethernet with the VPN anymore as Wi-Fi seems to be working and my work space is neat like I like it…


8 replies

The 178 firmware update broke the GlobalProtect VPN.

Changing the WiFi network (in Windows) from public to private did NOT work for me. It is still broken.

Reducing the MTU to 1300 did work, however!

See this thread

Badge

Reducing the MTU to 1300 did work, however!

See this thread

What your IT team reduced this for you?

 

Funny they downgraded me to .0168 - and it still didn’t work on Ethernet - so the last ~2 hours I noticed my sites did not open - checked it only on Primary connection band n41  - no secondary connection - not sure if it is heat related, I haven’t turned my A/C on yet upstairs - sites were partial loading incomplete, so I get it the Tech is still getting perfected - now, I noticed that the software was updated back to .0178 as I requested - so now that I see your comment I put two and two together at first I thought it was weather related/signal degradation \De-prioritization - so it appears that there is something between the two change logs that causes the issue - I also can’t connect to secondary connection and now have 2 bars instead of the three - will try tomorrow - smh thought I had a fix even with Wi-Fi tehis  MTU step seems like something T-Mobile should just address so we don’t have to...

Yes, I had my work IT department change the setting on my computer as described in the other thread. Yes, T-Mobile should send another firmware update that raises the MTU for the gateway device so this change isn't necessary for the customer to make on each of their computers.

Badge

Yes, I had my work IT department change the setting on my computer as described in the other thread. Yes, T-Mobile should send another firmware update that raises the MTU for the gateway device so this change isn't necessary for the customer to make on each of their computers.

Sidenote: Do you have to do multi-level login to access this forum? I log in from the same PC and select “yes” and it says it won’t require the multi OTP but it does every time I log in lol smh

 

Interesting. Well I don’t know what to say anymore. They need a change log of each firmware version and clear communication. So since yesterday I’ve had no secondary connection and I’ve been on band n41 based on the app – and they put me on .0178 only to have me back on .0168 so I have to call back to find out why I was switched again because I did not ask to. Interesting.

It just seems like a more realistic fix for them to update the MTU or whatever and release a firmware update, its delaying the inevitable -  

Badge

Update:

So, it appears there is an issue with .0178. LOL they keep bouncing back and forth, I’m not going to call anymore unless I have service issues. So up until yesterday evening, I was on .0168 – and then I noticed I could not connect to job sites on VPN (but the same issue happened on .0168 and once I rebooted the Gateway it allowed me to connect to work sites). ibb.co/pPGrdF8

Prior to TMHI, I had/have Comcast, and somedays the VPN would let me work off of Wi-Fi and other times not, and when it wouldn’t as soon as I plugged in my Ethernet port – it would load immediately. Well, yesterday, I tried to see what the issue was and I was on .0178, after I logged into GlobalProtect, I got the patch error I used to get when I would connect via Wi-Fi on Comcast(and I want to say a few times even on Ethernet). So, I restarted both PC and TMHI Gateway, still wouldn’t let me in, kept getting patch error, on .0178. I plug in the Ethernet cord to see, I have never gotten the VPN to work on TMHI Ethernet connection. Well, I got the new error saying connection is unreliable from GlobalProtect – at this point, I think it’s a combination of different issues as nothing seems to be consistent.

That said, this ordeal showed me, I could use Wi-Fi and GlobalProtect by changing from Public to Private- without getting a patch issue and to contact system admin- well this morning, no error, my TMHI is back on .0168 when just last night it was on .0178, and yea I guess this is what its supposed to be on – until next time…

Userlevel 4
Badge +3

Sounds like your firewall may not be configured properly for a protocol your VPN is using (or possibly even for the app in general).  Otherwise it would not matter between the public and private firewall profiles.

 

May want to contact your work IT guru to step through those firewall settings with you?

Badge

Sounds like your firewall may not be configured properly for a protocol your VPN is using (or possibly even for the app in general).  Otherwise it would not matter between the public and private firewall profiles.

 

May want to contact your work IT guru to step through those firewall settings with you?

yea prolly not lol - I just know it works - and technically they don’t support Wi-Fi and want us to use Ethernet cord smh get with the times

Reply