I am using TMobile home internet with a 5G router.
the connection appears fine until I connect to my work VPN (speed unusably slow). Other employees do not have the same issue using the same VPN and I have been working with IT.
The VPN is using Cisco AnyConnect to a DTLS, SSL, TCP and UDP 443 endpoint.
They are suggesting that there may be a problem at TMobile with the UDP traffic on port 443.
could someone please verify this for me?
thx
Does anyone at TMobile read these?
Does anyone at TMobile read these?
This community is mostly made up of T-mobile customers like you, with sparse T-Mobile moderation. We are usually not privy to the internal information within T-Mobile, to accurately answer questions such as you have asked.
Your best option is to contact T-Mobile directly.
https://www.t-mobile.com/isp/faq
Where can I get help to set up or trouble shoot?
If you are having problems with the connection, the Gateway or the app we can help! Go here for more information: Troubleshooting Support. You can also reach out to us on social media or call the T-Mobile Home Internet support team 24x7 at 1-844-275- 9310 to get help with your service.
There are a few threads that might address your issue:
VPN Issues with T-Mobile Home internet when using Cisco Anyconnect
Firmware update has fixed my Cisco AnyConnect VPN issues with T-mobile home internet
This is a known issue to us, everyone with T-Mobile’s Home Internet service and the Cisco VPN Client have WEIRD issues, and have only been able to switch Internet providers, as absolutely no solutions were provided by T-Mobile, in both cases, almost like they don’t know what the issue is. Last one was about a month ago 7/2022, and she switched Internet providers and all is well.
It’d be nice if like a second level support could assist at T-Mobile, but no such luck in troubleshooting on their end.
It appears to be a router issue, maybe a memory leak, blocked ports, or bad routing?
I noticed one time that all DNS queries did not resolve DNS hostnames (FQDN acutally), via the VPN connection.
Happy to report that T-mobile replaced my modem with a new model and the problem appears to be fixed!
Happy to report that T-mobile replaced my modem with a new model and the problem appears to be fixed!
Did they replace with the same type of 5G gateway or a completely different model? Do you mind sharing what gateway works now for you? Having a similar issue but I cannot even connect to my VPN. TIA.
Checking the box for Allow local (LAN) access when using VPN (if configured) in the Cisco preferences worked for me. I also selected the “First_Time_Connect” server (don’t know if that’s a universal option). I’m online now via T-mobile for the first time in two weeks.
I installed an Eero Pro mesh network, and now the VPN works without a problem.
For anyone out there using Microsoft VPN technology; DirectAccess, which uses HTTPS tunneling, works fine over T-Mobile internet. However Microsoft Always On VPN, configured to use IKEv2, is blocked. Just got off half an hour with tech support, they can't unblock it.
I'm going to try and get our Always On VPN approved for SSTP, which is not as secure as IKEV2 but uses HTTPS tunneling as well, which should work.
We are using the same and I am having issues with SIM cards. We need to fix this. We are looking to move over 100 phones to Verizon if they do not get this fixed. We are also using IKE2 and we are not about to change protocol based on a single carrier.
Called for the 3rd time today with same issues. Apparently the ping is too high and T-Mobile drops packets as data is sent. The tech explained that bc the IP address changes frequently, TMOBILE is not compatible with working through a VPN. So, the problem is going to continue and they don't have a solution. She was amazingly honest and I will be keeping my service for my home with them but for office I'm getting a new provider.
We have a static VPN address and the tracert showed over 500 ms.
Called for the 3rd time today with same issues. Apparently the ping is too high and T-Mobile drops packets as data is sent. The tech explained that bc the IP address changes frequently, TMOBILE is not compatible with working through a VPN. So, the problem is going to continue and they don't have a solution. She was amazingly honest and I will be keeping my service for my home with them but for office I'm getting a new provider.
What number did you call to get them?
We both have the same phone, and I'm having trouble with SIM cards. This needs to be fixed. If they don't fix this, we might switch more than 100 phones to Verizon. We also use IKE2, and a single carrier isn't going to make us switch protocols. MyKohlsCard
Hi Everyone,
After putting some research into this, I believe I have found a solution (at least one that worked for me).
PLEASE NOTE: PART OF MY SOLUTION IS USING MY OWN WIRELESS ROUTER ATTACHED VIA ETHERNET CABLE TO THE BACK OF MY HOTSPOT MODEM. THE INSTRUCTIONS I LEFT BELOW WILL NOT BE OF MUCH USE TO YOU IF YOU ARE NOT USING A WIRELESS ROUTER.
This does not require much tech-savviness as I found what I needed from a YouTube video and a little googling on how to access the settings I needed, which I’ll post a link to at the end of this. Basically, it’s the MTU (Maximum Transmission Unit) settings that T-Mobile uses. You don’t really have to know much about this other than how to find out how to change it, either on your computer or on your wireless router (if using a wireless connection).
Most internet providers set their MTU size at 1500. This is more-or-less a standard most in the industry follow. From what I found, T-Mobile sets their MTU size at 1450. I’m not going to go into explanation on how this works; just know this is the problem. This tiny difference seems inconsequential, but can make or break your VPN connection. Unfortunately, it’s on us as the customers to find our own solution(s) to this problem.
This YouTube link gave me the information on how to check my MTU settings and change them on a Windows PC. This is a solution specifically for if you want to only change the MTU Size on individual PC’s in your home. Ultimately, I did not change my MTU Size on my laptop, but the part of the video that helped me find the MTU Size was key to figuring this whole thing out. The link will take you directly a few seconds right before the spot you need to pay attention at begins:
I’m not a Mac user and am not experienced with using them, but this is a link for all y’all Apple fanatics that I found while I was searching for a reason for this problem. It was the first article I came across that set me on the path to figuring out how to change my MTU setting. Hope it helps:
https://amithkumarg.medium.com/resolved-t-mobile-home-internet-vpn-issue-2f5ca594c23e
And, lastly, I use a TP-Link Wireless router. This link is for TP-Link device owners and shows you how to change the MTU Size. There’s no way I can find links to all the different types out there. However every brand’s settings are easily searched on Google, so good hunting to you and good luck:
https://www.tp-link.com/us/support/faq/1134/
I hope this helps some people. My issue is (self)resolved.
I am using T-Mobile 5G home internet. Everything works great, but all of the sudden when I connect my work laptop to the VPN, nothing over the VPN works. This was working fine for a year. Not sure if there was a firmware upgrade something that caused this. After a ton of searching, I found the issue for me. It was the MTU setting on my laptop. This is very easy to fix. It was as simple from changing a setting from 1400 to 1374. That worked. Google hot to check your MTU size. It is with the “NETSH” command. Do some ping tests forcing a MTU size until you find the best one. Make the change. Very basic overview….
1.
Checking and changing the MTU size
Open a command prompt as admin
Check the MTU size as it is set now.
Netsh interface ipv4 show interfaces
Before we change the MTU, we need to find the optimum size by using this command
Ping 8.8.8.8 -f -l 1400It is showing as fragmented. We want to find the highest number where we do not get that. So keep trying numbers, lower and lower until one comes back normal.
For me, it was 1346. That’s our base number. Fore technical reasons having to do with headers, etc, we need to add 28 to that number. My number would be 1374.
3.
Change the mtu (CMD as admin)
Netsh interface ipv4 set subinterface “Ethernet 4” mtu=1374 store=persistent
(Ethernet 4 is the name of my interface, yours will probably be different, like “Wifi” )
Now check your change.
Netsh interface ipv4 show interfaces
You should now see the new MTU
I am using T-Mobile 5G home internet. Everything works great, but all of the sudden when I connect my work laptop to the VPN, nothing over the VPN works. This was working fine for a year. Not sure if there was a firmware upgrade something that caused this. After a ton of searching, I found the issue for me. It was the MTU setting on my laptop. This is very easy to fix. It was as simple from changing a setting from 1400 to 1374. That worked. Google hot to check your MTU size. It is with the “NETSH” command. Do some ping tests forcing a MTU size until you find the best one. Make the change. Very basic overview….
1.
Checking and changing the MTU size
Open a command prompt as admin
Check the MTU size as it is set now.
Netsh interface ipv4 show interfaces
Before we change the MTU, we need to find the optimum size by using this command
Ping 8.8.8.8 -f -l 1400It is showing as fragmented. We want to find the highest number where we do not get that. So keep trying numbers, lower and lower until one comes back normal.
For me, it was 1346. That’s our base number. Fore technical reasons having to do with headers, etc, we need to add 28 to that number. My number would be 1374.
3.
Change the mtu (CMD as admin)
Netsh interface ipv4 set subinterface “Ethernet 4” mtu=1374 store=persistent
(Ethernet 4 is the name of my interface, yours will probably be different, like “Wifi” )
Now check your change.
Netsh interface ipv4 show interfaces
You should now see the new MTU
Thanks very much for this! Looks like this could be working for me.
However, following your testing procedures by pinging with different sized packets, when I’m not on VPN, I’m able to send packet sizes up to 1472 successfully (corresponding to MTU of 1500). When I’m connected to my VPN, the MTU was already set to 1390, but I was still having issues with VPN. I went ahead and just tried your MTU setting of 1374, and it seems like VPN is working so far (only tested a few minutes). Tried various settings around 1374, and anything larger fails, while smaller settings continue working.
So for others, if the detected maximum MTU size doesn’t resolve your VPN issues, try 1374, or possibly other settings that are smaller than the detected max MTU size. In my case, changing MTU size via netsh made immediate impact, so it was easy to just test different values to see what works.
Here was my situation and how it was eventually fixed.
We’ve had Spectrum Internet for a few years and everything worked great but they kept increasing the price on us. No problems at all with anyone's access. We switched to TMobile Internet right after Thanksgiving (Black Friday deal) and the modem wouldn't work right out of the gate. Took almost a month for them ( and 2 SIM card changes + 1 modem change) to figure out that it was a configuration issue on their end. So had the system up and running right before Christmas and it worked great for everyone. But then, right after the holidays were over, my wife fired up her work computer for the first time on TMobile Internet service and right away had the “connection lost” issue every one describes above. She would start up and connect but then, after some time, Outlook, Teams and Edge would all show as disconnected. She could switch to another router or even ethernet and this would temporarily fix her connection but it would always come back. I had been working in the meantime on my work computer without any issues on both the Spectrum and TMobile networks. I tried all of the fixes mentioned above but none of them worked for her. Finally got another modem, plugged in the old SIM card and voila it worked immediately. There were 2 other symptoms of this that also went away - my Ooma VOIP system reconnected (it had been flashing red for weeks) and my Ring cameras stopped acting flaky when trying to view video.
Here are the OLD (non-working) and NEW (working internet) modems. So looks like its a modem issue
Old black modem model = FAST 5688W
New white modem Model = TMO-G4AR
If you're experiencing trouble connecting to your work VPN, it could be due to various reasons. Here are some steps you can take to troubleshoot the issue:
Check Network Connection: Ensure that your device is connected to the internet and that your Wi-Fi or Ethernet connection is stable. If you're using Wi-Fi, try switching to a different network or connecting via Ethernet cable.
Verify VPN Settings: Double-check the VPN settings provided by your IT department or network administrator. Make sure you have the correct VPN server address, username, password, and any other required authentication details.
Restart VPN Client: If you're using a VPN client application, try restarting it. Sometimes, restarting the client can resolve temporary connection issues.
Restart Device: Restart your computer or mobile device to clear any temporary glitches or network configurations that may be causing the issue.
Update VPN Client: Make sure you're using the latest version of your VPN client software. Updates often include bug fixes and improvements that can help resolve connectivity issues.
Firewall and Antivirus: Check if your firewall or antivirus software is blocking the VPN connection. Temporarily disable any firewall or antivirus software and try connecting to the VPN again to see if it resolves the issue.
Check VPN Protocol: Some VPNs support multiple protocols (e.g., OpenVPN, L2TP/IPsec, IKEv2). Try switching to a different VPN protocol in the settings of your VPN client to see if it improves connectivity.
Contact IT Support: If you've tried the above steps and still can't connect to the VPN, contact your company's IT support team for assistance. They can provide additional troubleshooting steps specific to your organization's VPN setup.
Alternative Connection Methods: If you're unable to connect to the VPN using your current network, consider using alternative methods such as tethering to a mobile hotspot or connecting from a different location (e.g., a public Wi-Fi network or a different internet service provider).
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
