IOS IKEv2 VPN over LTE does not work anymore

IOS IKEv2 VPN over LTE does not work anymore

IOS IKEv2 VPN over LTE does not work anymore

I'm a Contributor Level 1

IOS IKEv2 VPN over LTE does not work anymore

I’ve read the recent posts about people affected by usage NordVPN complaining, but in my case, it’s my personal network and my internal users.


I’ve ran through the preliminary details and it appears that the phone is initiating a direct IPV6 tunnel that’s superseding the device’s routing table and not allowing the device to use the IPv4 or IPv6 gateways provided by the VPN tunnel (our IPSec tunnel is dual-stack) which are provided by the device’s routing table.


What’s up with this?


Any recommended IOS profile tweaks to push down?

Accepted Solution

Re: IOS IKEv2 VPN over LTE does not work anymore

Solved by Moderator (inactive) FidoPierre

Hey everyone!

A little bit of an update for this. Smiley 


For Apple devices: 
Apple has released the latest iOS 12.0.1 software which may resolve issues for certain remote/VPN Apps using the IPv6-only connections.


If you’re experiencing this issue, please update to iOS 12.0.1 (or newer) and test again.

A possible workaround for Android devices only:
Modify the APN “ltemobile.apn” to IPv4 instead of the default IPv4/IPv6 in the phone settings, under Wireless & Networks - Cellular Networks - Access Point Names.


Power cycle the device and test the VPN connection again.

If the issue persists, please note the date and time of the failure and let us know so we can send you a PM to look closer into this with you.

View solution in context
121 REPLIES 121

Hey @fdmerin,


I'll send you a PM to take a closer look into this.


Talk soon!

I'm a Participant Level 2

I have same issue trying to connect to my VPN over LTE.  Not something I do very often, but important to test when having VPN problems.  Took some time to spot the issue but my iphone X (12.1.4) is getting an ipv6 address when on LTE. 

The built-in ios client is apperently using this address and the VPN won't connect.

When I tether my PC (ipv4) to the phone, and then initiate the VPN, that works fine.


Something changed on Fido side, this used to work...





Hey @AT15


I'll send you a PM so we can look at this together.


Talk to you soon!

I'm a Participant Level 2

Hi I never got a PM, can someone respond with workaround ?

Hello @AT15. There's a PM coming your way. Talk to you soon.

I'm a Participant Level 1

Hello there,


I've the same issue, IKEv2 over LTE with ProtonVPN on iOS 12.2.


Thanks in advance for the support.

Hey @kindtong!


First of all, welcome to the community!


I'll send you a PM so we can take a look into this together.

I'm a Participant Level 2

To everyone here that is having the same problem. As of January 6, 2019 I have opened two tickets. One here on the Fido forums and one on the phone. Support & administrators will take your information, ask you for your IMEI, and create a ticket—but they will not solve the issue however courteous they are. I have a theory is because they don't have a solution yet. If you need to use VPN over LTE it may be a good idea to start considering other options.


VPN over IKEv2 (native on iOS) ➠ it connects, but all iPv4 traffic is blocked


VPN over OpenVPN (third-party app) ➠ it works using iPv6 / iPv4 dual stack

Hey @mountainsofsnow


Have you rebooted your phone after you received the message that the issue was fixed?  If you did and are still having trouble, you should get in touch with the developer of the app to confirm if their app properly supports IPv6 only networks, as per Apple app standards published here:

I'm a Participant Level 2

{Update: January 12, 2018] I can confirm that after having opened a ticket and restarted my phone, VPN (IKEv2) now works. Horay!

I'm a Participant Level 2

Same problem here, I use to have my ipv6 turn off from Fido technical support, but it seems I just the the ipv6 back few days ago... "jabber" voip app for job is not working anymore !  please help to block ipv6 again on my account !  


thank you,

I'm a Participant Level 2

I do have the same problem would would  appreciate being told by a private message how to solve it.


Hey @MeMyselfAndYou


Welcome to the community Smiley


I'll be sending you a PM so we can take a look at this together.


Talk to you soon!

I'm a Participant Level 2

Hi , I’m also having the exact same issue.  

Can I please get assistance via PM?

Hi @Davidtai Welcome to the Community! We're happy to have you with us. 


We're sending shortly a PM your way. Smiley 


Talk to you soon! 



I'm a Participant Level 2

Hi Francois,


I am having the same issue with VPN connecting back to work computer. Can you help take a look? Thx

Hey @ken20kca,


Just to clarify, are you using your phone to tether or is your work computer connected to your Home Internet?



I'm a Participant Level 2

Hi FidoClaudia,


I used my phone to tether, so my work laptop can VPN back to office PC for work. It has always work since I join Fido, but all of suddent it stop working like about a month ago. My work require me to VPN back to office for emergency response. I have done test with my coworker's phone(using Bell), and it was working. So there seems to be an issue on Fido's end. Thx

I'm a Participant Level 2

The issue has been resolved. It seems Fido is dropping IKE traffic from my VPN client. As a work around, I had to restrict the size of the first ISAKMP packet sent from my VPN client. (Sonicwall)

Hi @ken20kca


I'm happy to find out that it's resolved on your end.




What's the error message that you are getting on your end exactly?

I'm a Participant Level 2

Hi, when ipv6 is activated, I can’t use a VOIP app I’m using for my works. (Cisco Jabber). If I’m using an APN to disable ipv6 it fixed the problems instantly.  I’ve already speak with « bureau of president » concerning that matters, and the problem has been fixed since October. But it seems somebody has reactivates ipv6 feature for my account.  To explained furthermore, when Rogers is converting ipv4 to ipv6 they screw my app authentication and I can’t get a positive handshake from our job server because my token is not valid anymore. I’ve already trace and dig into packets to found the reason of the issue with firewalls and IT team at my work. An engineer from Rogers (back in October) was aware of this protocol translation problem.