Tshoot IKEv2 mobile VPN Quantum Fiber

I’ll try to keep it concise. A user got new home internet (Quantum Fiber, C6500XK modem) and now our WatchGuard IKEv2 VPN will not connect. Uses the built-in Microsoft VPN connection. Generic “Can’t establish connection” error. https://i.imgur.com/hf9CJ1O.png

-Tested other user accounts but all fail

-Used to work before changing internet

-Still works on other internet and hundreds of other users still working

-Tested from his laptop w/ telnet to check ports and everything we need is being allowed outbound and reaching our firewall. (TCP anyway, can’t check UDP in this way)

-ISP said they do not block anything except TCP 25

Here is a pastebin of sanitized firewall logs if anyone is interested:

https://pastebin.com/cfLPPi4B where 1.1.1.1 is the firewall WAN and 2.2.2.2 is the user’s WAN

I don’t see anything obvious?

At the same time I had taken a pcap from the user’s laptop and from the firewall WAN interface. Screenshot here: https://i.imgur.com/8sAsw6g.png

I see Fragmented IP Protocol multiple times. Could that be related? MTU issue? Going to hop back in the user’s machine on lunch. Anything else to look out for?

Ticket already open with ISP but they are zero help. Vendor ticket pending as well.

Received reply from vendor that this is basically a known issue per this KB:

https://techsearch.watchguard.com/KB?type=Known%20Issues&SFDCID=kA16S000000XeNxSAK&lang=en_US

Deleted all expired certificates from Trusted root store and it’s working now. Issue resolved.
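
The fix reported above was deleting expired certificates from the Trusted Root store. The script below is an added example, not part of the original post or the vendor KB: it lists the expired entries and, only when run with `-Remove` from an elevated prompt, backs each one up before deleting it. The `LocalMachine` store location and the backup directory are assumptions.

```powershell
# Added example: audit (and optionally clean) expired certificates in the
# Windows Trusted Root store. Report-only unless -Remove is given.
param(
    # Assumption: the machine-wide store is the one meant; 'CurrentUser' also has a Root store.
    [ValidateSet('LocalMachine', 'CurrentUser')]
    [string]$StoreLocation = 'LocalMachine',
    # Hypothetical backup location chosen for this example.
    [string]$BackupDir = (Join-Path $env:TEMP 'expired-root-backup'),
    [switch]$Remove
)

$storePath = "Cert:\$StoreLocation\Root"
$now       = Get-Date

# Everything in the store, and the subset whose validity period has ended.
$all     = @(Get-ChildItem -Path $storePath)
$expired = @($all | Where-Object { $_.NotAfter -lt $now } | Sort-Object NotAfter)

'{0}: {1} certificates, {2} expired' -f $storePath, $all.Count, $expired.Count
$expired | Format-Table Thumbprint, NotAfter, Subject -AutoSize

if (-not $Remove) {
    'Report only. Re-run with -Remove (elevated) to back up and delete the entries above.'
    return
}

# Keep a DER-encoded copy of each certificate so a removal can be undone with:
#   Import-Certificate -FilePath <file>.cer -CertStoreLocation Cert:\LocalMachine\Root
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null

foreach ($cert in $expired) {
    $backup = Join-Path $BackupDir ("{0}.cer" -f $cert.Thumbprint)
    try {
        Export-Certificate -Cert $cert -FilePath $backup -ErrorAction Stop | Out-Null
        # Delete only after the backup file was written successfully.
        $cert | Remove-Item -ErrorAction Stop
        'Removed {0} (expired {1:yyyy-MM-dd}), backup: {2}' -f $cert.Thumbprint, $cert.NotAfter, $backup
    }
    catch {
        Write-Warning ('Skipped {0}: {1}' -f $cert.Thumbprint, $_.Exception.Message)
    }
}

# Count again so the result can be compared with the first line of output.
'{0} certificates remain in {1}' -f @(Get-ChildItem -Path $storePath).Count, $storePath
```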