IOS IKEv2 VPN over LTE does not work anymore

IOS IKEv2 VPN over LTE does not work anymore

IOS IKEv2 VPN over LTE does not work anymore

SOLVED
kris2k
I'm a Contributor Level 1

IOS IKEv2 VPN over LTE does not work anymore

I’ve read the recent posts about people affected by usage NordVPN complaining, but in my case, it’s my personal network and my internal users.

 

I’ve ran through the preliminary details and it appears that the phone is initiating a direct IPV6 tunnel that’s superseding the device’s routing table and not allowing the device to use the IPv4 or IPv6 gateways provided by the VPN tunnel (our IPSec tunnel is dual-stack) which are provided by the device’s routing table.

 

What’s up with this?

 

Any recommended IOS profile tweaks to push down?

Accepted Solution

Re: IOS IKEv2 VPN over LTE does not work anymore

Solved by Moderator

Hey everyone!


A little bit of an update for this. Smiley 

 

For Apple devices: 
Apple has released the latest iOS 12.0.1 software which may resolve issues for certain remote/VPN Apps using the IPv6-only connections.

 

If you’re experiencing this issue, please update to iOS 12.0.1 (or newer) and test again.


A possible workaround for Android devices only:
Modify the APN “ltemobile.apn” to IPv4 instead of the default IPv4/IPv6 in the phone settings, under Wireless & Networks - Cellular Networks - Access Point Names.

 

Power cycle the device and test the VPN connection again.


If the issue persists, please note the date and time of the failure and let us know so we can send you a PM to look closer into this with you.

View solution in context
121 REPLIES 121

Hey @DomGravel

 

We sent you a PM already.  You just need to reply and we'll continue with you there! 

 

Talk to you soon Smiley



clegasse6280
I'm a Participant Level 1

I have the same problem, it is impacting a payment application that our company is using.  Can someone contact me to solve this issue ?  Thanks,

 

Christophe

Hey @clegasse6280

 

Welcome to the community Smiley

 

I'll be sending a PM your way so we can take a look at this.

 

Talk to you soon!



ek66
I'm a Contributor Level 1

Hi, I also have found this issue.

 

I have 2 iphones, one on Fido and another on Telus with exact same applications and setups.

From several days, on Fido LTE/3G, both OpenVPN and IKEv2 VPN's connections do not work anymore.

The phone connects to VPN but it fails to web browse (by Safari) sites like google.ca.

There is a big mess on current ipv6/ipv4 Fido implementation.

 

Please resolve it!

 

 

gervais
I'm a Contributor Level 1

salut jait meme probleme contater moi

Salut @gervais

 

Bienvenue sur la communauté Smiley

 

Je vous envoie un message privé à l'instant pour qu'on regarde ça ensemble.

 

À tout de suite!



Peanut206
I'm a Participant Level 1

Bonjour!

 

J’ai exactement le même problème... Est-il possible de me contacter afin de régler la situation s.v.p? Merci!!

Salut @Peanut206!

 

Je vous envoie un message privé! Smiley

 



NA-CRA
I'm a Participant Level 1

I'm having the VPN connection issue as well. Can I get some help with it?

Hey @NA-CRA

 

Welcome to the Community!

 

We'll send you a PM on here to check that out with you Smiley



Ga5
I'm a Participant Level 3
I'm a Participant Level 3

Au sujet du ticket maître IOS IKE v 2 VPN overLTE does not work anymore

I have similar problem, please contact me by private message to set the problem thanks. 

FidoThomas
Moderator (inactive)

Hey @Ga5, welcome to the Community!

 

We had to move your other post since it was a duplicate Smiley

 

You're at the right place for help.

 

We'll send you a PM, talk to you soon!



FidoAmanda
Former Moderator

Hey kris2k!

 

Are you able to try the connection on another network? Does it work when you're connected to wifi?

 

Let us know!



kris2k
I'm a Contributor Level 1

Of course; via WIFI, VPN works flawlessly.

 

I’m unable to ping the next-hop VPN-encrypted gateway either via IPv4 or IPv6 when I’m on LTE.

 

A tcpdump from the firewall side reveals no packets entering the tunneled interface from the mobile device.

Let's take a closer look at that together. 

 

You'll have a PM coming your way shortly. Smiley



MonetE419
I'm a Participant Level 3

Hello,

 

I think I may have the same problem, could you help me?

 

Thank you,

Hey there! I'll be glad to take a closer look with you. 
 

Sending you a private message your way! Smiley 



awefawe
I'm a Participant Level 2

Did this issue end up getting fixed? Or does it have to be fixed on a case by case basis?

 

I'm having the exact same issue.

kris2k
I'm a Contributor Level 1

Hey Awefawe;

 

Indeed, my situation got fixed by Fido. It appears that they pushed an alternate APN configuration to use the dual-stack IPv4/IPv6 Gateway again.

 

From a technology standpoint,I’m sure it’s not what they want (since being IPv6 native has some added benefits for data transmission reliability and efficiency), but I’m confident the bugs have been documented + submitted to Apple, and there’s a ‘hope’ for next IOS version to have additional capabilities to better handle ipv4/ipv6 vpn connections with an ipv6-only WAN.

ek66
I'm a Contributor Level 1


@kris2k wrote: ... got fixed by Fido. It appears that they pushed an alternate APN configuration to use the dual-stack IPv4/IPv6 Gateway again. ..

 

Could you please explain in more details about this alternate APN and how they pushed it to (your only?) iPhone /iPad if this is not a secret?

 

It looks like there are still unresolved IPv4/IPv6 VPN related issues over Fido LTE/3G  Data but I cannot find any official information that confirms or rejects such suspissions.

 

Too bad. I spent hours to restore from backups the phone, my own VPN, routers etc. - for nothing.

With another (non-fido) SIM and service, everything works fine

 

Regards.


 

FidoPamela
Former Moderator

So sorry for the confusion @ek66! I sent you a new one now. 

 

Chat soon!