It seem to OPTUS/NBN is blocking the TCP SYN packet when I trying to connect to my VPN connection using port 443.
Packet capture on both side I can see icmp packets sent from my side and received on other side but TCP SYN packet sent from me are not reaching other side.
OPTUS technical support is so technical that they told me as long as internet connection is working its all good on there side.
Intresting part is if I swithches to OPTUS MOBILE DATA network it works fine, and also work fine with Telstra/NBN.
One of my other college with OPTUS/NBN having same issue.
Anyone have any solution, before I switch my NBN from optus to telstra.
I'd be very surprised if Optus is blocking any specific packet types but they certainly do block some ports.
Its most likely your router's firewall, especially if its an Optus router. The F@ST 5366 series of routers have known problems with remote access due to hairpinning/NAT loopback issues.
Do you have proper port forwarding set up for your VPN?
What type of NBN connection do you have (FTTC/FTTN etc.)?
Its been a long time since I had to look into TCP SYN problems. Some thoughts/brain dump:
1) Could be a CGNAT issue? Probably not.
2) Check the TCP header to see if it is using a specific port at either end and see if a firewall is blocking it. If you are using the same modem then it will not be the modem, but if they are different modems check out the port blocking/forwarding setup in the two modems.
If you using Wireshark to do the capture I have dumped the capture to a text file for a good connection and a bad connection and then diffed them with varying degrees of success in tracking down the exact packet that was either missing or malformed payload or additional packets or retry packets. It took a while to get the dump text format without timing info or timing info I could easily strip off.
Based on my experience with optus support they are script kiddies and there are no optus technical people on this site. As such once you have done a bit more digging or if you think you have done enough head over to https://forums.whirlpool.net.au/ and find the most relevant forum you can find and ask there as you will see it has technical people on it that can help.
no there I haven't set any port forwarding
It might be an idea to find what ports the VPN software uses and forward them.
and its FTTC
As you have FTTC you can test if the router is the problem by temporarily bypassing the router altogether and connecting the Computer/Laptop you are VPN'ing to directly to the NBN box.