Network administration

How to understand who is blocking packets on a specific port?

There are two computers A and B. When computer A (a server with Windows Server 2008 R2) was, roughly speaking, on the same network - at the time of configuration, it accepted incoming VPN connections. Moreover, I tested different scenarios, when A and B were both on the same local network, and B was knocking over the Internet. Then I moved A to the place of its combat operation (that is, nothing changed on the server) and the connections are now not established. Could it be that this provider somehow cuts traffic to VPN ports (1723)? Although, for example, I connect to it freely via RDP. Computer A is now connected to the Internet directly via a PPPoE connection (temporarily, until there is a router, in the future, a router will connect to the Internet and distribute it, as usual).
I'm a mediocre networker, I sin either on the provider, or it's something else, and as a fallback - wait until the router appears, organize port forwarding on it, suddenly it will work.
And in general, ideally, on the topic of the question, is it possible to use tracert, or rather its analogues on OS X, to identify at what stage of the route traffic is cut to the VPN port? The network utility in Mac Os does not see any open port at all on computer A, although the same RDP port 3389 is open.
UPD: Looks like I figured out what the reason is. Since the computer is still connected directly without a router and uses ICS Internet Sharing, the routing configured to receive VPN does not work. I'm waiting for the router to be installed