VPN Clients connected to Windows Server 2016 L2TP/IPsec VPN tunnel cannot browse Internet. Some websites load partially, some don't load at all, and very few load normally. Browsing internal network works fine. DNS also functions with no issues.
In my experience this kind of web browsing issues are related to network connection MTU (maximum transmission unit) value. Without finding a quick way to adjust MTU value for VPN connection I resolved this by enabling split tunnel on client's end. In split tunnel mode only traffic intended for internal (server side) network is sent though VPN. All other traffic (including web browsing) goes though client's normal Internet connection. In some instances this may be not desired, but in this particular case this was actually beneficial to reduce load on the VPN server and office broadband.
- Network and Sharing Centre > Change Adaptor Settings
- Right click on client's VPN Adaptor and click on Properties
- In Networking tab double click on Internet Protocol Version 4, then click Advanced
- In IP Settings tab remove checkbox from Use default gateway on remote network
Windows Server 2016
Windows 10 Pro