Why can't I access my companies internal network through my DSL connection but I can through a cable
I work from home by connecting with a Cisco VPN client on my PC through a Dlink 704P router. This worked well with cable, but now that I have switched to DSL, after logging onto my VPN client, I cannot connect to the internal network. I set up the router to use PPPoE and other PCs on the same router can get Internet access. The DSL company said they don't block ports and our company hosts our own VPN servers. When I switch back to the cable connection and same router, it all works again. What might be wrong?
I'm guessing that your cable connection uses DHCP to lease the router's public IP address, but your DSL connection uses PPPoE to get a public IP address. I'd start by checking Dlink's knowledge base for PPPoE configuration hints for your router – for example, you may want to decrease MTU size to eliminate fragmentation of IPsec-encrypted packets.
If the problem isn't with your router's PPPoE configuration, then work with your company's VPN support staff to monitor traffic from your VPN client to isolate the problem. For example, incoming IKE but not IPsec can be an indication that your provider blocks protocol (not port) 50. Incoming-but-errored IPsec packets can indicate a fragmentation or NAT problem. Returned IPsec packets that never reach your VPN client can indicate a NAT-ing device that does not supporting VPN pass-through. Comparing traffic logs at both ends (VPN server and VPN client) and traffic counters on your router can help you spot the device or "hop" where packet drops occur.
This was first published in December 2004