TN business has Comcast Business connection, have for a while, with a Cisco VPN device for home/teleworkers to connect to corporate office using a VPN client. It has worked for years and suddenly 2 separate home Comcast users are no longer able to connect as of Wednesday, April 25th - one of the Comcast home users is located in TN & other in FL.
There are multiple other home/teleworkers with different ISPs (AT&T, XO, etc.) that have no problem whatsover - working as normal. The Comcast home user located in TN even brought her PC to the business & was connected through an XO internet connection and the VPN client worked fine - this ruled out it being anything on the PC or the VPN endpoint device at corporate - the only thing left it could be is Comcast. And since it is happening for 2 separate Comcast home users, it seems very likely the issue is Comcast.
I've seen multiple posts in these forums (https://forums.xfinity.com/t5/Internet-Archive/Is-Comcast-blocking-VPN-activity/td-p/2621407 for example) & on the internet saying Comcast doesn't block any VPN ports. However, that is absolutely what appears to be happening. Either blocking the ports, or some sort of routing issue because it's from a Comcast home network to a Comcast business network.
I would also add the Cisco VPN device at the corporate location was set for "debug" logging on the outside interface which logs all traffic - when one of the Comcast home users attempted to connect, there was no traffic whatsoever from her home computer going through the home Comcast connection even making it to the VPN device.
One of the home users has called Comcast tech support - they've reset the cable modem & even replaced but still same issue. I think at this point it needs to go to a higher level tech at Comcast but calling tech support is a nightmare...and with others having VPN issues too, I'm thinking the best solution is to tell the home users they have to switch their home service to something other than Comcast.
I'm going to try escalating your ongoing issue to the Comcast corporate employees that are available to these boards. You should get a reply here in your topic.
Thank you EG! Another thought I had was did Comcast push out some updates/firmware on the 25th? I saw some posts mentioned changing the internal IP subnet to something other than 10.x.x.x but that wouldn't explain the suddenness of it not working.
I know you're in NJ (if I recall from other posts) but in TN on the 25th there was an area wide brownout from about 2-3 seconds. Not sure if that affected some routes or other...the story was a snake wrapped around 2 lines in a power substation. A lot of businesses in the area were effected - all the servers, switches, routers, cable modem, etc. were all on UPSes so no power cycle for them.
Hello jwm_tn. I can assist in reviewing your internet provisioning and network configuration, for the VPN issues you are encountering. So that I can assist, please send me a private message and include your full name, service address, and account number so I can access your account.
The one TN user is working as of yesterday - after her cable modem was swapped out a 2nd time. Whether a different model was put in this time, her home IP address was changed DHCP or what exactly the details of what finally resolved, I have no idea...could even be a route somewhere at Comcast's CO - something got rebooted & cleared...something. I didn't change anything on the business customer's comcast side nor reboot anything so I'm definitely thinking it was either an update Comcast pushed out to the model modems these 2 were using or a route somewhere.
At this point, waiting for the FL home user to reply if she's working okay too - if not, I'll recommend she have Comcast swap her cable modem too & ask the TN user to send a screenshot of the label on her new cable modem to determine the model.
FYI, FL Comcast home user is working now too w/o having her cable modem swapped. Not marking anything as answer because it's unknown exactly what the issue was; however, it was definitely "a Comcast issue" since only Comcast home users had the problem, no other ISPs, and nothing was changed on the business' side.
Frustrating as an I. T. admin not knowing but at least they're not open Help Desk tickets still asking when it's going to be fixed.