Mobile user cannot connect (DSLITE/CGNAT?)
I have a disturbing issue with a Firebox and a mobile user. The user has the VPN client and uses VPN with SSL. It worked fine. Now the user has switched it line from DSL to fibre. The new provider uses CGNAT/DSLITE obviously. Now the connection attempts fail.
In the traffic monitor no incoming traffic is seen. However i tested if i can reach the Firebox. This test was positive. If try to connect to a random port there is a deny line in the log.
After some time while connecting i am offered to use the old configuration. And that connects. In the client log i can see some back and forth on port 443. But the connection is not usable since data does not get through.
Today we also tested a L2TP connection which was also negative.
How do i need to set up a mobile user connection under these circumstances? How can i see what is going wrong?
Other users on different ISPs can connect by VPN/SSL.