No VPN connection possible using new Rogers Ignite Cable Modem/Router

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
I Plan to Stick Around
Posts: 41

Re: No VPN connection possible using new Rogers Ignite Cable Modem/Router


@tinious wrote:
FWIW - my error message is "The VPN connection to the selected secure gateway requires a routable IPv4 physical adapter address. Please move to an IPv4 network and retry the connection or select a different secure gateway."

I spent a long time  composing a reply but the site ate it when I hit "post".  So here's a shorter reply.

 

A routable IPv4 address is one that is uniquely assigned throughout the internet.

The opposite is a private one, which could be used on any and every LAN.  See RFC1918.

Rogers assigns each customer one routable address.  This is normally used for the public interface of a router.  Most routers then assign each node on the LAN a private address.  Through a process called NAT (Network and port Address Translation), the router rewrites inbound and outbound packets to make this work.

 

NAT only works for TCP and UDP protocols.

 

The Internet Standard VPN protocol is IPsec and it uses AH and ESP packets, not something NAT can handle.

 

There are hacks to IPsec to encapuslate AH and ESP in UDP for "NAT Traversal".

 

A server cannot be behind NAT without really hairy hacks.

 

Summary both ends of an IPsec tunnel ought to have routable IP addresses.  If you've enabled NAT Traversal on your IPsec system, the initiator ("client") can be behind NAT.  Normally, the responder ("server") cannot be behind NAT.

 

It isn't clear which end the message refers to.  Is it requesting that your Security Gateway (i.e. your computer) doesn't have a routable IPv4 address, or that the far side doesn't have a routable IPv4 address.  If it is complaining about your end, you should figure out how to enable NAT Traversal.  If it is complaining about the other side, you probably haven't configured that correctly (because that computer surely has a routable IP address).

 

Some routers have a setting called "VPN Passthrough".  I'm not sure that ever works.  It certainly isn't documented.

 

Some other VPN protocols (eg. OpenVPN) are based on TLS.  That uses TCP and can survive NAT on the client side.

I Plan to Stick Around
Posts: 13

Re: No VPN connection possible using new Rogers Ignite Cable Modem/Router

I work from home using FortiClient.   Works for me with no router changes required.  Rogers would be making a big mistake if it did not allow VPN with so many working from home.

I've Been Around
Posts: 2

Re: No VPN connection possible using new Rogers Ignite Cable Modem/Router

Rogers and Cogeco have changed their Ignite/cable terms of service, now saying that work vpns are now not supported.
In reality they are blocking them as a by product for blocking illegal country hopping VPN streamers.
I work for an IT services company and they have had success moving clients to use SSL VPN connections that require a certificate on the host server. The data then connects over the TCP port in the same way that secure websites work, and SSL VPN connects.
Meanwhile IPsec VPN users are affected.
Good luck with the new normal.
Highlighted
Resident Expert
Resident Expert
Posts: 14,000

Re: No VPN connection possible using new Rogers Ignite Cable Modem/Router

Not supported and blocked are two different things.

Pretty much.. well EVERYTHING almost rogers doesnt officially support.  They cant guarantee that ANYTHING will work on their internet.  They can support that your internet is working.. and beyond that, its up to the user to figure it out.

My personal VPN is still working from my Ignite connection at home. (PIA)
My work VPN on my work laptop, through Cisco Anyconnect (which is an SSL VPN)

So may only be blocking IPSec vpns?

Though PIA uses PPTP, L2TP/IPsec, SOCKS5 and OpenVPN.. not sure which specific its using when it works for me.



Order Now!
Wilder vs. Ortiz II Live
LIVE: Saturday, November 23, 2019 8PM ET
Channels: 348 (HD) | 350 (SD) | Ignite TV 499
Price: $74.99 (HD) | $69.99 (SD) | Ignite TV $74.99
DTV can order on Nov. 21st & Ignite TV customers can order now!

Reigning heavyweight world champion Deontay "The Bronze Bomber'' Wilder takes on his most dangerous challenger as he defends his WBC title in a rematch against once-beaten Cuban slugger Luis "King Kong'' Ortiz.

Topic Stats