Could you check the "show ip nat translation" output while trying to access from the mobile?. You should see

TCP connections and entries in the output from the mobile ip address.

Regards.

It appears to be DNS, 443, 5228 and 80

udp 122.149.212.174:14274 10.0.0.43:14274       8.8.8.8:53            8.8.8.8:53

udp 122.149.212.174:14352 10.0.0.43:14352       8.8.8.8:53            8.8.8.8:53

tcp 122.149.212.174:33300 10.0.0.43:33300       31.13.68.16:443       31.13.68.16:443

tcp 122.149.212.174:33523 10.0.0.43:33523       74.125.141.188:5228   74.125.141.188:5228

tcp 122.149.212.174:34974 10.0.0.43:34974       74.125.142.188:5228   74.125.142.188:5228

tcp 122.149.212.174:38042 10.0.0.43:38042       31.13.75.17:443       31.13.75.17:443

tcp 122.149.212.174:39418 10.0.0.43:39418       50.17.239.114:443     50.17.239.114:443

tcp 122.149.212.174:42290 10.0.0.43:42290       31.13.68.16:443       31.13.68.16:443

tcp 122.149.212.174:45323 10.0.0.43:45323       23.21.220.40:443      23.21.220.40:443

tcp 122.149.212.174:46896 10.0.0.43:46896       74.125.237.110:80     74.125.237.110:80

tcp 122.149.212.174:46985 10.0.0.43:46985       54.225.174.247:443    54.225.174.247:443

tcp 122.149.212.174:50122 10.0.0.43:50122       50.19.108.118:443     50.19.108.118:443

tcp 122.149.212.174:52656 10.0.0.43:52656       107.21.236.168:443    107.21.236.168:443

tcp 122.149.212.174:53661 10.0.0.43:53661       54.225.174.247:443    54.225.174.247:443

tcp 122.149.212.174:53954 10.0.0.43:53954       74.125.237.103:443    74.125.237.103:443

tcp 122.149.212.174:57948 10.0.0.43:57948       31.13.68.16:443       31.13.68.16:443

tcp 122.149.212.174:58330 10.0.0.43:58330       193.182.8.28:80       193.182.8.28:80

tcp 122.149.212.174:58346 10.0.0.43:58346       31.13.68.16:443       31.13.68.16:443

tcp 122.149.212.174:58547 10.0.0.43:58547       74.125.237.103:443    74.125.237.103:443

tcp 122.149.212.174:58877 10.0.0.43:58877       107.21.103.249:443    107.21.103.249:443

tcp 122.149.212.174:59241 10.0.0.43:59241       50.16.199.37:443      50.16.199.37:443

tcp 122.149.212.174:60434 10.0.0.43:60434       74.125.237.103:443    74.125.237.103:443

tcp 122.149.212.174:60478 10.0.0.43:60478       74.125.237.115:80     74.125.237.115:80

I just ran the phone via a proxy and rebooted it then opened the app store (which works via the proxy). This is what traffic it reported.

http://i44.tinypic.com/5u35e0.png

I think that it is time to wireshark.... If the application is "time out" something is wrong but connections are created. ??

My phone runs a custom rom so i was able to get a direct dump.

For both the phone has been turned off then on, shark has been started, then the play store open, then shark stopped.

This one is on the mobile network.

https://dl.dropboxusercontent.com/u/2049808/mobilenetwork.pcap

This one is Wi-Fi (when it times out).

https://dl.dropboxusercontent.com/u/2049808/wifi.pcap

EDIT: It works to 1420, the rest of the tests above that were just the app cache. So i restarted the phone and started at 1460 and went down to 1420 when it started working.           

You are an absolute genious.

I used it on the Dialer0 interdace and it works all the way up to 1460.

Correct me if im wrong but is it because i have the MTU set at 1460 it was denying packets above that ?

Thank-you so much, ive spent many many hours trying to diagnose this problem.

I think so. There is a MTU restriction in some of your links. With the command the cisco router is able

to force a MSS (not MTU) in the TCP three-way hand-shake. Notice that is only for TCP connections.

If you have some services based on UDP the problem still will be. If you can check your MTU in your links.

Regards