Win10 can not access one port on one site when connected through my network

windows-10 networking vpn local-area-network

I’m doing some work for a company and need to use their VPN to do so. However I’m having problems, quite strange problems.

The company’s VPN configuration and client software is available on https on domain.com:10443 (several other services are available on other ports - none of these have problems ).

If I use any of my Win10 PC’s to connect to port 10443 of the domain while connected through my local LAN, the connection times out. (This happens in the browser and also using curl or telnet). Any service on other port are accessible.

If I instead of Win10 use MacOS, Linux, iPhoneOS or Android connected through my local LAN, the connection to port 10443 opens immediately and the VPN connection can be established.

And,if I move my Win10 PC’s to another Network, such as my neighbors or share my phones data as a hotspot, they can easily access the port. :-/ All of the connected networks have been selected as Private when prompted by the OS.

Thinking there had to be some sort of block in Windows I checked and even disabled the firewall, I also installed and tested a test-server on port 10443 and also tested with the external http://portquiz.net:10443/ and in no cases did I find any blocks.

I have also tried to use IP’s instead of the DNS name, but that didn’t change anything either.

I’m beginning to think the problem may not be 100% on my side.

I’m guessing the Win10 instances must send something in a header that the others do not or the other way around and that the VPN server then choose to ignore my requests based on something in the header, but I’m very open to other suggestions.

Any advice on how to debug this?

Thanks in advance.


In order to debug further:

I ended up setting up Wireshark to capture WAN and LAN traffic on my Ubiquity Security Gateway using ssh packet monitoring (Note, must be selected together with Cisco support during installation of Wireshark on Windows.)

Debugging revealed domain.com:10443 did send responses to requests from all computers on my network, but this response disappeared for unknown reasons in the USG if going to a Windows computer.

At this point I contacted Ubiquity Support, to help identify the root cause for this. They didn't find a solution before I coincidently found a fix.

How it was finally fixed:

By coincidence, I discovered that my ISP was setting a wrong IP (not my public IP) on my WAN connection, and it turned out they had left a NAT turned on. Once this was corrected, the USG stopped filtering responses to Windows computers.

Related

Debian installation with encryption: "No root file system is defined"
Connection to port 22 is not accessible with my network
Consistent Dell raid device names
Lubuntu 19.04: How to add an app shortcut to taskbar?
Bootstrap push div content to new line
An error occurred while parsing EntityName. Line1, position 844
~/Library/Developer/Xcode/iOS DeviceSupport/<iOS Version>/Symbols/System/Library consuming 14+GB of my Mac disk space
Stripe Payment: Getting Error as Customer cus_***** does not have a linked card with ID tok_*****
How can I get the latest version of ConstraintLayout for Android?
.NET Core locking files
Nodejs sequelize bulk upsert
Failed to retrieve settings from https://settings.crashlytics.com/spi/v2/platforms/android/apps/