VPN Connectivity Stopped Working

Hello@Rlugones, we understand the gravity of your situation.

To have a detailed idea on this we wanted to know from when did this issue start, were you able to connect your VPN earlier?

Awaiting your response.

Please let us know if you need any further assistance.

Fiona Q - AT&T Community Specialist

Issue started happening this morning when I logged in. I have been using the same vpn for 4 years without issues. I called customer support and they are shipping me a new gateway.

Hello@Rlugones, thanks for reaching out to AT&T Community and Forums.

As you have mentioned that you are getting a new gateway, please try connecting your VPN through that and let us know if that is working fine.

Please reach out to us, in case of any further assistance.

Happy to assist!

Fiona Q -AT&T Community Specialist

Did shipping new HW solve your issue? I got the same response once the T1 support person realized I'd done some troubleshooting and it seemed to me that the gesture was just supposed to make me happy rather than solve any sort of issue.

This TLS handshake issue can crop up and last days at a time, or only hours. It persists through reboots, factory resets, and power resets (unplugging the device for several minutes to several hours). Everyone who is sent a new device does not have the same original, suddenly "faulty" device. This suggests that it is not hardware related or, at least, not related to any hardware customers have access to. This indicates an issue upstream.

So through a little deductive reasoning it seems to be 1) an issue AT&T is unable or unwilling to fix, 2) deliberate attempts to unmask traffic that is running through VPN through "technical issues," or 3) just AT&T looking for ways to cut traffic without admitting that they are blocking ports, protocols, or subnets. I prefer Hanlon's Razor for this one.

I also haven't activated the new gateway I was sent because, after some reddit spelunking, it seems like the hardware is not improved and, in fact, may be worse than what I already have. I also never see anyone come back to any of these numerous threads with reports of the issue being solved by receiving new gear. "They're sending me a new gateway" and then never hearing from the OP again seems to be the norm. That could mean that the issue is solved or that the OP got tired of doing AT&T's work for them and figured out another solution that bypasses AT&T.

So, did it work?

Did shipping new HW solve your issue? I got the same response once the T1 support person realized I'd done some troubleshooting and it seemed to me that the gesture was just supposed to make me happy rather than solve any sort of issue.

The answer is no, shipping new HW fixed absolutely nothing. This is a well known issue that AT&T hasn't been able to fix since around 2020. It is not in consumer-reachable hardware, it is in AT&T's network. And AT&T actually has no vested interest in fixing it because it cuts down on VPN traffic while also forcing some customers into Business plans.

I'm not going to call support again just so that I can get lied to and handed non-solutions that are just meant to push the problem down the road. I've already wasted enough hours on this nonsensical problem (we are in 2024 and not 2004, correct?); I'll just switch to another ISP.

I've been using VPNs on AT&T's network for nearly 15 years without significant issues attributable to AT&T.  I have been timed out by the VPN software on the server.  I have been disconnected due to too much traffic on the VPN host network.  I've used both IPSEC and TLS based protocols (I prefer the IPSEC functionality on this VPN).  I spend most of each business day connected to a VPN.  

So... you can't say categorically that AT&T hates VPNs or doesn't support VPNs.  There may be issues with how some VPNs operate that doesn't play well with AT&T's network.  It may not work well if you have dual-NAT.

I wouldn't expect it if broke mid-morning after working for years that it's actually an AT&T issue.

@jabele3 Thank you for being rude and obnoxious.  It doesn't prove your point, though.  I will say that I am not talking specifically about OpenVPN because, well, you just mentioned OpenVPN in your last tirade, and my experience is with five different vendor-specific VPNs (two being from Cisco).  So, if you want to edit your statement to AT&T doesn't play well with OpenVPN, that's not something I can argue against.  

Do you own both ends of your OpenVPN connection?

[Oh, and BTW, yes, customer service is horrible, the level 1 can't do anything other than replace gateways and send techs, and sending techs is more expensive.  But that doesn't mean every problem a customer experiences is AT&T's fault.  Or that it isn't.]

[And, one more thing... Yes, there are a lot of entries when you google for AT&T OpenVPN issues.  However, try replacing AT&T with Comcast, Xfinity, Charter, Spectrum, etc. and you'll also get a significant list. ]

From what i recall turning ipv6 off and also SIP ALG in firewall off. Then setting MTU in broadband configuration from 1500 to 1472 is something people do to help with vpn issues. How it actually helps I wouldn't know.