
Issues with IKEv2 IPSec VPN on Rogers LTE/3G

JP1204
I'm Here A Lot
This is on an iPhone 7 connected to Rogers LTE or 3G wireless networks. 

I'm having an issue when using IKEv2 IPSec on NordVPN. The VPN connection gets established properly and connections through the VPN appear to work, speedtest works, many sites come up fine, etc. But some websites just never connect (e.g. https://us.opinio.net) through the VPN, others like https://www.reddit.com work 50% of the time. 

Using OpenVPN UDP port 1194 on the same NordVPN server instead of IPSec, there is no issue at all, so it's not a matter of the NordVPN server being blocked by the sites, or itself blocking requests. 

To rule out my phone or NordVPN, I switched the SIM card to TELUS LTE and both VPN modes work just fine, IPSec and OpenVPN. There are also no issues over WiFi.

There really seems to be an issue with Rogers and the connection through IPSec.

Do you guys have an idea what's going on? 

I found a thread where RogersDave suggests switching PDP Type to IPv4 instead of IPv6, but I see no options to do that on an iPhone 7. 

Thank you! 

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Well said. We provide as much technical detail as we can here so that Rogers can look into the issues. Appropriate people can be flagged on Rogers' end. We don't have time to wait on the phone for Level 1 support to tell us to reset our devices. 

VPN is more and more part of everyday communications, and not a "niche" product. These connections must not be impeded. 

I can also confirm it works perfectly with a Telus LTE SIM card.

 

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around

I wonder if this affects the Fido network too, since Fido is Rogers.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around
Here's an interesting read on DSLReports. Different topic, but I think Rogers is filtering/mishandling the ESP protocol 50 across their core network. Have a read:
http://www.dslreports.com/forum/r30809958-Rogers-throttling-VPN-connections

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around

But why would Android work but not iPhones?

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

tjguy
I've Been Here Awhile

But Android doesn't work, I just tested again (same steps as in my previous post in this thread).

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around

Hi,

 

I have a feeling what's happened here is they have enabled IPv6 ONLY and stopped use of IPv4.

 

It appears they are (or were) only doing this in batches, as problems arose with people using PPTP VPNs in 2017. At the time a NOC engineer explained what happened and suggested that users edit their APN settings to only accept IPv4 IPs. This solved the issue. Since we are on iPhone we can't do such.

 

I confirmed on my Bell LTE device it's also on IPV6 but must also be grabbing an IPV4 IP.

 

I saw this post on DSL forums from 2017

 

In 2016, Rogers started the deployment of IPv6 on our Wireless network. At that point, most recent phones (2015++) started receiving from our LTE network both an IPv4 and an IPv6 address. This was the first phase of our IPv6 deployment plan for the wireless network.

Late last year, we started enabling IPv6-only service (no native IPv4) on some phone models (LG G4, Google Nexus 5 and Samsung Galaxy S4). Recently, we enabled the service on more models (most Samsung Galaxy phones). With IPv6-only service, phones are still able to access the entire IPv4 space through the use of a technology called 464XLAT on the phone itself combined with a DNS64 and a CGN64 in our core network. This transition was necessary as IPv4 resources worldwide are completely exhausted.

With this technology, the transition to IPv6-only service has been transparent for most users and almost nobody noticed that their phone was operating natively on IPv6 without direct IPv4 connectivity. PPTP VPNs however use a very old technology that is not well supported in this configuration. We have also noticed that in some rare cases, L2TP/IPSec VPNs are broken. This last scenario is due to a bug in the Android code and we are actively working with Google to resolve it.

There is however a workaround for users affected (both for the PPTP and L2TP/IPSec issues). Directly on their phone, users can go in their APN settings to change the “PDP Type” to IPv4 (by default it is set to IPv4v6). Depending on the phone model, users may be able to simply change the PDP Type or they may have to create a new APN entry (copying existing settings) and make it default.

Let me know if this helps.

Dave

-----
I am a Rogers Network Architect. I am here to provide production solutions for the specific topics I engage in. For other concerns, please reach out to me on Rogers Community Forums.

 

 

said by LastDon:

I never changed my APN settings nor was it updated from rogers it was always the same, but making the switch makes it work. It was always IPv4v6.
[...]
meanwhile my onePlus3 never stopped working and continues to work, and is currently set at IPv4v6.

 

There is a very technical explanation to that. The PDP Type in the APN settings is essentially what your phone asks from the cellular network. Most of our Android phones have been configured with IPv4v6 since 2014 although at that time we didn't have IPv6 service enabled.

When the phone would connect on the network, it would essentially ask "May I create a data session using APN ltemobile.apn and using IP stack IPv4 and IPv6". The network would then respond with "You are granted access, however you are only authorized to receive an IPv4 address".

After we enabled IPv6 on the network, during the data connection phase, all phones started receiving both an IPv4 and an IPv6 address.

What was done recently is that some phones (it is very model specific and it includes the Samsung Galaxy S7), are only granted an IPv6 address. This internally tells the phone to enable the 464XLAT process which handles the IPv4 --> IPv6 translation. In turn, in our core network we do the reverse translation IPv6 --> IPv4. This enables you to reach IPv4 services without having an actual IPv4 address on your phone.

When you set the PDP Type to "IPv4", the network can't give you only an IPv6 so it has no choice but to give you what you asked for and it re-enables PPTP. Ultimately, you do lose access to IPv6 by doing that however.

We only picked for IPv6-only transition phone models that we extensively tested. The onePlus3 is not a device we sell so we can't confirm if the 464XLAT implementation is done properly and therefore it will remain IPv4+IPv6. All new phones launched on the Rogers Wireless network should be IPv6-only.

Given that IPv4 was always NATed on the wireless network, there is no difference in most cases, except PPTP because it relies on a GRE tunnel which doesn't support well the IPv4 --> IPv6 --> IPv4 translation.

Dave

 

 

Sooooo.. question is... Rogers Dave... Where are you?
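
The IPv4-in-IPv6 mapping behind the DNS64/NAT64 (464XLAT) setup described in the quoted explanation above, as an added example that is not part of the original thread or Rogers' own tooling: it implements the RFC 6052 address embedding and the RFC 7050 `ipv4only.arpa` check that shows whether a resolver is doing DNS64. The `64:ff9b::/96` well-known prefix, the constructed AAAA answers and the `198.51.100.7` server address are assumptions; the page does not state which prefix Rogers uses.

```python
import ipaddress

# RFC 7050: ipv4only.arpa always resolves to these two IPv4 addresses.
WKA = {ipaddress.IPv4Address("192.0.0.170"), ipaddress.IPv4Address("192.0.0.171")}
# RFC 6052: prefix length -> byte offsets that carry the IPv4 octets
# (byte 8, the reserved "u" octet, is always skipped).
LAYOUT = {32: (4, 5, 6, 7), 40: (5, 6, 7, 9), 48: (6, 7, 9, 10),
          56: (7, 9, 10, 11), 64: (9, 10, 11, 12), 96: (12, 13, 14, 15)}

def embed(prefix, v4):
    """Address a DNS64 resolver synthesizes for an IPv4-only destination."""
    net = ipaddress.IPv6Network(prefix)
    raw = bytearray(net.network_address.packed)
    for pos, octet in zip(LAYOUT[net.prefixlen], ipaddress.IPv4Address(v4).packed):
        raw[pos] = octet
    return ipaddress.IPv6Address(bytes(raw))

def extract(prefix, v6):
    """IPv4 address the NAT64 gateway will actually contact, or None."""
    net = ipaddress.IPv6Network(prefix)
    addr = ipaddress.IPv6Address(v6)
    if addr not in net:
        return None  # native IPv6 destination, not translated
    return ipaddress.IPv4Address(bytes(addr.packed[p] for p in LAYOUT[net.prefixlen]))

def discover_prefix(aaaa_answers):
    """RFC 7050 check: NAT64 prefix implied by AAAA answers for ipv4only.arpa.
    None means no DNS64 is in the resolver path (the name has no real AAAA)."""
    for answer in aaaa_answers:
        addr = ipaddress.IPv6Address(answer)
        for plen, offsets in LAYOUT.items():
            if ipaddress.IPv4Address(bytes(addr.packed[p] for p in offsets)) in WKA:
                raw = bytearray(addr.packed)
                for p in offsets:
                    raw[p] = 0  # clear the embedded IPv4 to leave only the prefix
                return ipaddress.IPv6Network((bytes(raw), plen), strict=False)
    return None

if __name__ == "__main__":
    # Constructed AAAA answers for ipv4only.arpa on an IPv6-only bearer.
    prefix = str(discover_prefix(["64:ff9b::c000:aa", "64:ff9b::c000:ab"]))
    print("NAT64 prefix:", prefix)
    # 198.51.100.7 is a documentation address standing in for an IPv4-only VPN server.
    mapped = embed(prefix, "198.51.100.7")
    print("VPN server as seen by the phone:", mapped)
    print("Translated back by the gateway:", extract(prefix, mapped))
```
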

 

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around
Android works #1 for me

Only iPhones don't work

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around

We may very well be out of luck.

Let's hope I am wrong.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around

I'm pretty sure we are done for

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around

Which Android device are you using? I will test on my side with the same device.

 

Also, if you go to Google on the working Android device and search for "what's my IP", what does it say? 123.123.123.123 (IPv4) or XX:XX:XXXXXX (IPv6) etc etc.


Also what type of VPN are you using?

 

Has everyone called Rogers and opened a ticket for NOC to check? It's possible this could just be an error or firewall rule somewhere.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around

Android wasn't working at first, so I had to force it to IPv4 in the APN settings, as Meraki (my VPN) is only IPv4, not IPv6

 

my VPN is a L2TP/IPSEC

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around

Any idea if we can force iPhone to IPV4?

 

I am using L2TP/IPSEC

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around

Apparently only via a MDM solution. I am trying to do it with Meraki MDM. Will post back once I get somewhere.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around

Nope you can't which is probably the issue

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around

I think VPN should still work even with the IPv6 -> IPV4 translation..

 

Especially since we are not using old PPTP -- we are using L2TP IPSEC - could something be accidentally blocked somewhere?

 

I had issues on Friday but brushed it off as a network issue as I was able to connect on Saturday briefly.

 

Monday completely gone.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around

OK. Here's what I have tried so far: I have a Mac Server on which I have installed Apple Configurator 2. This is the only way I was able to change those advanced settings in iOS (see this article) like default APN, data APN and the supported protocol versions.

 

I have tried all the combinations that made sense to me: default and/or data APN = ltepublicip.apn or vpn.apn and selected either IPv4 or IPv6 or both. I have power cycled my iPhone 7 Plus after each setting change and tried to connect to 2 of my own L2TP VPN servers and also tried to use PIA client (see Private Internet Access). None of them helped in any way. By forcing IPv4 only, I managed to lose connectivity altogether, which kind of confirms the theory that Rogers may have eliminated support for IPv4 completely.

 

I am tempted to believe that either Rogers is trying to push their VPN service over MPLS or somebody made a mistake in their core network configuration. Or, maybe a buggy firmware upgrade on one or more of the core equipment.

 

Still waiting for an update of my ticket opened yesterday.

 

 

 

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around
Hi Adrian,

Thanks for confirming that using your Apple server. I sent you a PM.

So anyways, this was either done intentionally or someone missed a firewall rule in the NOC.

I wonder how many people are affected.

Also waiting on an update for my ticket opened yesterday...

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

malone46844
I've Been Here Awhile

We are experiencing the same issue using IKEv1 (IPSEC) and OpenVPN; this started last week with mobile devices only getting ipv6 addresses.  Looks like a bug/mistake in Rogers ipv6->ipv4 translation as we can see asymmetrical data pass through the OpenVPN tunnel.

 

Tethering a laptop, tablet or whatever to the phone is the only workaround we have right now.  This is a huge problem for us.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

TR93
I've Been Here Awhile

@gysh wrote:

I wonder if this affects the Fido network too, since Fido is Rogers.


My iPhone is with Rogers and like everyone else none of my VPN connections work over LTE. My wife's iPhone is with Fido so I tested a VPN type L2TP/IPsec connection over LTE and it connected right away. I tried it a few times and had no issue connecting. Strange that it works on Fido but not Rogers. I will check tonight and see if we get an IPv6 or IPv4 address from Fido over LTE.

 

My iPhone is a work phone so I am going to call Rogers business support and open a ticket. Does anyone have a ticket number I can reference when I talk to them?

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around

Hey TR93,

 

You can reference this ticket #: Rogers BTS Ticket 0029661110.

 

I have asked them for an update today, but haven't heard anything back yet.

 

Please let us know how it goes.

 

Cheers,

Adrian