IKEv2 does not work properly from home networks
I have a problem where I just can't figure it out.
We have a M270 firewall cluster (v12.8.1), IKEv2 in the default configuration with a Radius connection. All clients are Windows 10 Pro clients (Lenovo Thinkpads).
Before we roll out the protocol in the company, we wanted to do some testing first. The funny thing is that there was a problem in establishing a VPN connection from the home office, for example, after analysis with Wireshark it was noticed that the authentication at the firewall fails. After a research I came across a KB article, where it was said that the packet size is possibly too large due to the hash value of the Windows certificate memory. Which is why I deleted a few expired certificates from the Trusted Store. After that the login went without problems.
However, internal services like Active Directory and their network drives are accessible, but not web services, internal as well as external. The loading times are enormous, mostly they do not load at all. The problem exists in connection with the use of a wired connection as well as a wireless connection in the home network.
The problem does not occur with a mobile hotspot, everything is performant. I also tested the same with an LTE router.
Unfortunately, at the moment I have no idea what to do to solve the problem. Do any of you have any idea to debug further?
Thanks in advance.