I have Cisco IPSec VPN (to my employer) configured on my MacBook Air. It works perfectly when I'm at home connected through WiFi to my cable modem (through an Airport Extreme). But when I try to connect through my Samsung Verizon 4G LTE Mobile Hotspot (that I got when attending Google I/O), I can't connect to anything (inside or outside my employers firewall). If I disconnect the VPN, network access returns.
I can't asked my employer's IT department for support because they don't support Mac OS X.
How do I troubleshoot this?
Update: Jason Berg suggested in a comment below that I reproduce the problem on a PC so I can get support from my employer's IT department. Unfortunately VPN works over the mobile hotspot on my Windows 7 notebook. So I (still) can't get support from IT.
Update #2: xeon's answer below links details on Verizon Wireless's forums where details are given about connections being "double natted" and which doesn't work with PPTP. That may not apply to my Cisco IPSec VPN. I wonder if I've failed to enable "VPN passthrough" as mentioned in some posts in that thread.
Update #3: I enabled "VPN passthrough" (following the instructions in the user manual downloaded from http://www.samsung.com/us/support/downloads/SCH-LC11ZKAVZW) but it still doesn't work. (There was also an undocumented "Privacy Separator enable" checkbox. I tried with it both unchecked and checked, and it didn't work either way.)
I believe this is a problem with the Samsung device. I have the Verizon 4510L 4G MiFi and it works perfectly with our Cisco IPSec VPN and SSL VPN. There are a few threads on the Verizon Wireless community about the Samsung device not working with PPTP VPN. They say they will have a firmware update to resolve those issues. GRE packets are being blocked currently with the device. Some have reported trouble with Cisco IPSec as well.
Here is some information.
The problem lies in the firewall configuration. They obviously have split-tunneling enabled and set up but may not have split-dns config'd. I had the same issue with Mac OS and my ASA. Once I had both config'd properly it all was seamless.