So I have an issue when connecting to my works vpn while on a cellular network. I've narrowed it down to what I think is a route issue upon connecting. Below is what my route command shows when connected to the VPN while on a wi-fi connection. It works. IP addresses have been changed to protect the innocent.

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
149.xx.xx.2xx 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
192.168.1.0 * 255.255.255.0 U 0 0 0 wlan0
162.1xx.1xx.0 * 255.255.240.0 U 0 0 0 tun0
default 162.1xx.1xx.1xx 0.0.0.0 UG 0 0 0 tun0

Below here is my route command after connecting to the VPN on a cellular network. I am able to connect and even receive the banner message from the router, but afterwards am unable to do anything on the network. Please note that I AM able to ping the 162.1xx.1xx.1xx address below once coneected, but nothing else.

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
162.1xx.1xx.0 * 255.255.240.0 U 0 0 0 tun0
default 162.1xx.1xx.1xx 0.0.0.0 UG 0 0 0 tun0

Any suggestions on what route(s) to add to fix this?

Sorry for typos, I made this whole post from the N900

I don't see a gateway on the second output... Could you try using a SIM card from another provider? I think it could be the cellular network itself.

Let me expand what I am thinking quickly because I am going to sleep:

If you can ping the router and receive the banner, means that you already have connectivity (i.e. you shouldn't need any extra route).

So you have connectivity, but communication is one way only: from the router to you, because you receive the banner. Now, ping uses IGMP, and you have two way communications on that protocol. But to log in your router you must be using SSH or Telnet, and on this protocol if where we observe the one way communication previously mentioned.

So in some point of the way, something is blocking your messages to the router. Since it works over WLAN I think it could be a firewall in the ISP, which is why I asked to try another SIM. You could also try using another remote login protocol (SSH if you are using Telnet, or viceversa).

Good luck!

It is likely if you have a low tier cellular data plan that they have blocked most ports except 80.

What carrier do you use?

Since most ports are blocked you'll have to call them to have them open the ports you need.

If you have a high enough data plan (i.e. Smartphone Data or VPN Data), then they will do it for you.

Here's a wiki link for T-Mobile config for SSH from another board.

Thanks for all the info.

I am on AT&T, 2.5G network.