I just implemented Microsoft direct Access VPN within my Server 2016 network.
However, I am finding that I am not able to connect to this VPN from many places including public guest Wi-Fi networks. When trying to connect I get an error message saying that "The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g. firewalls, NAT, routers, etc) between your computer and the remote server is not configured to allow VPN connections. Please contact your Administrator or your service provider to determine which device may be causing the problem."
So far I have only been able to successfullly connect to this Always On VPN network in around 15% of the places where I have tried connecting. Wheneve I am unable to connect I receive the error message mentioned above and shown in the screenshot. Otherwise everything works great as long as I am able to successfully connect.
So is it possible to change the ports that Direct Access VPN is using to more commonly used ports (such as 80 and 443) that won't be blocked and then using NAT or some other technique if necessary to convert these ports back to their original port numbers? The firewall that is being used in this network is a SonicWALL TZ600.