Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issues with IKEv2 IPSec VPN on Rogers LTE/3G

JP1204
I'm Here A Lot

‎03-29-2018 11:42 AM

This is on an iPhone 7 connected to Rogers LTE or 3G wireless networks. 

I'm having an issue when using IKEv2 IPSec on NordVPN. The VPN connection gets established properly and connections through the VPN appear to work, speedtest works, many sites come up fine, etc. But some websites just never connect (e.g. https://us.opinio.net) through the VPN, others like https://www.reddit.com work 50% of the time. 

Using OpenVPN UDP port 1194 on the same NordVPN server instead of IPSec, there is no issue at all, so it's not a matter of the NordVPN server being blocked by the sites, or itself blocking requests. 

To rule out my phone or NordVPN, I switched the SIM card to TELUS LTE and both VPN modes work just fine, IPSec and OpenVPN. There is also no issues over WiFi.

There really seems to be an issue with Rogers and the connection through IPSec.

Do you guys have an idea what's going on? 

I found a thread where RogersDave suggest switching PDP Type to IPv4 instead of IPv6, but I see no options to do that on an iPhone 7. 

Thank you! 
Labels:
144 REPLIES 144

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around
In response to dfasdfdfasd

‎06-22-2018 05:51 AM

I totally get it. The question becomes: what are we supposed to do? I am using the VPN client built in IOS 11.4 to access my corporate network. Since Friday I've been locked out of my own corporate network. In case of an emergency, if I don't carry my laptop with me, I am screwed.
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Dssr
I'm Here A Lot
In response to Adrian91

‎06-22-2018 07:10 AM


In this case, the solution is tied to compensation.

Let’s be honest: All these changes happened last Friday. It is EASY for them to just “go back” to Friday’s settings. Instead, they are being stubborn and taking their time trying to find a solution within the current settings.

The only way you will get a timely resolution is through hundreds of complaints to the CCTS. Rogers does not want a high number of CCTS complaints. The complaints look bad, they are costly to deal with, and almost always result in compensation. This will force them to go to the easy, immediate solution.

We bonded together and did this when the Internet in our subdivision was going down about one full day every month. When we hit them with about one hundred CCTS complaints, the problem was solved. I haven’t lost Internet in over a year.

Complain, seek compensation, get results.
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

JP1204
I'm Here A Lot
In response to dfasdfdfasd

‎06-22-2018 08:50 AM

I just noticed that indeed, there's no audio on SIP calls with voip.ms anymore when connecting through LTE.

 

Using Acrobits Softphone on iPhone. 

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around
In response to JP1204

‎06-22-2018 10:08 AM

I am using "Media5-fone" and SIP hasn't worked in years. I always had to VPN either into my home network or into the work network in order to be able to use it. 

 

SIP is another example of illegal port filtering/throttling that Rogers never admitted to, but it's obiously doing in order to protect their own phone services.

 

I guess, as much as I hate threatening and arm twisting, it looks like that's the only way to get them to listen and do the right thing...

 

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

TR93
I've Been Here Awhile
In response to Adrian91

‎06-22-2018 10:27 AM

Rogers support just called and said it was fixed and asked me test it. I tested and told them it is not fixed. Seems like they don't know what the problem is. You would think that they could use a stock iPhone and test with the native VPN service on it and know whether it was fixed or not.

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Adrian91
I Plan to Stick Around
In response to TR93

‎06-22-2018 10:33 AM

Definitely NOT fixed.
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

dfasdfdfasd
I'm Here A Lot
In response to JP1204

‎06-22-2018 10:52 AM

This was my experience as well - Acrobits stopped working with voip.ms. I switched to the Zoiper client and it started working with ipv6 and voip.ms. I opened a trouble ticket with Acrobits with the issue but never got a response. Acrobits does not seem to be converting the media addresses returned in the SDP thru the Apple API to get the NAT64 address required in an ipv6 only network.

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

dfasdfdfasd
I'm Here A Lot
In response to Adrian91

‎06-22-2018 10:55 AM

Have you checked on the T-mobile USA forums if anyone is having a similar issue with that specific client? T-mobile USA is also ipv6 only. This would point to a client issue vs a network issue. In addition, if your office is using a standard VPN system, are there other compatible clients you can try? Now if it works on T-mobile USA ipv6 only but not on Rogers, this points to a Rogers issue.

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around
In response to dfasdfdfasd

‎06-22-2018 11:41 AM - edited ‎06-22-2018 11:49 AM

My issue has been fixed VPN connected right away. I just got a text. I’m not sure if this was a global fix across the board or on a per phone number basis.

“Please reply to this SMS to let me know if you can now use the "VPN" connection on your iPhone with WiFi off . A correction was applied last night for your specific affected device and we need your feed back. Thank you, Dan - Rogers / Fido Escalations Team“

Update:

The correction was provided for only this device. If you have more in same situation, please prepare a list with the phone number + the IMEI# of those iPhones and call to have a new escalation issued for those. Thank you, Dan
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gysh
I Plan to Stick Around
In response to Th1ef

‎06-22-2018 11:55 AM

Seems to work for me too, i contacted the guy who couldnt access the camera on VPN and he says he can now on LTE

 

(He<s not tech savy and not at the office, so i can't confirm 100% though)

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around
In response to gysh

‎06-22-2018 11:58 AM

I called back in to add the other list of numbers Level 1 is still clueless on how to fix this seems it is fixed at a NOC level. The reps have no idea how to fix it at level 1.
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Frank34
I've Been Around
In response to Th1ef

‎06-22-2018 12:19 PM

I am having the exact same issue with my vpn. I have tried everything possible and still can t get it to connect. i m at a loss. VPN worked fine on my friends telus account...and works fine on wifi.....just not on rogers lte

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

Th1ef
I Plan to Stick Around
In response to Frank34

‎06-22-2018 12:29 PM

If you are unable to connect to VPN you must call Rogers Wireless Support, a manual fix must be made on their end and you must request a escalation. Level 1 CANNOT fix this.

 

 

I am assuming maybe they are re-enabling IPV4 on a device-by-device basis?

 

Someone here will need to confirm once they have had their account fixed by Rogers and check to see if they are getting a IPV4 IP aswell as a IPV6

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

ajm2007
I've Been Around

‎06-22-2018 04:02 PM

I've been having problems with connecting via OpenVPN home on the LTE network. Not sure when this started I know it hasn't always been this way but it happens when I use my corp rogers iPhone and it happens when my wife uses her Fido Android phone. It doesn't happen when on WiFi somwhere. Only happens on LTE. 

What happens is the openvpn client reports it is connecting to an IPv6 address via UDPv6. It reports connected but nothing works. 

I checked at home I run an openbsd gateway so i did a pcap, there is no ipv6 address or communication going on, the domain I have registered has no DNS entries pointing to an IPv6 address so there must be something going on with the Rogers LTE network... I found this thread and thought the issue might be related so I'm posting here. It's really frustrating though, we usually VPN home to check on our nanny and the kids and we can't now unless we have WiFi connectivity

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

dsadasdsadsa
I've Been Here Awhile
In response to Th1ef

‎06-22-2018 05:32 PM - edited ‎06-22-2018 05:32 PM

Manual fix by device ? Amateur hour
0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

lkearl
I've Been Here Awhile
In response to dsadasdsadsa

‎06-25-2018 04:15 PM

My VPN issue has been fixed. I gave Rogers Support the IMEI number for my affected phone on July 21 and they emailed me back on July 22 to say the issue had been fixed. I reinstalled the VPN and connected by LTE and web pages and apps now work properly.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gp-se
I'm an Advisor
In response to lkearl

‎07-23-2018 08:50 PM

Does anyone know if a network wide fix will be deployed? I have an issue connecting to my ip cameras only when I'm using LTE or HSPA. If I connect to WiFi at home, work, mall, hotel, etc. I can connect to the camera without issue.

 

From reading this thread the fix is being applied on a device by device basis, but will the fix be deployed network wide? If not who do I PM with my IMEI to have the fix applied to my account, also does the fix have any drawbacks/issues?

 

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

RogersTony
Moderator
Moderator
In response to gp-se

‎07-24-2018 08:27 PM

Hello @gp-se,

 

I can imagine how much of an inconvenience it must be not being able to view your cameras remotely, all of a sudden. =(

 

You can PM the @CommunityHelps inbox and we can implement a temporary workaround that will enable IPv4 functionality on your device which should resolve the issues you are facing. We do not have any reports at this time of any drawbacks/issues with the temporary workaround. 

 

If there are any users in the Community who have had the workaround implemented and have experienced any issues please let the Community know. 

 

RogersTony

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

domino123
I've Been Around
In response to RogersTony

‎07-25-2018 12:28 PM

I apologize for not updating this thread a while ago.

 

The IPSec VPN issue should be fixed by now for everybody.

 

I have been told by Rogers Enterprise Technical Support that a fix for the entire network has been rolled out on Jul 2/3  for Ontario Central region and soon after that to the East and West regions.

 

Here's the message i received on 6/29:

"The issue is still not fixed. We have done the workaround currently. The issue is with NAT64 and UDP checksum failing for IPSec session. As Rogers is implementing IPv6 to the network, there were some configuration and bugs. We are working diligently to resolve this issue permanently. In fact, the fix is scheduled to be implemented on Monday night/Tuesday morning (Jul 2/3) for Central region. It would then be deployed to the East and West region."

 

I have tested my other phones after the fix has been rolled out and I can confirm that the issue is fixed.

 

Hope it helps,

 

 

 

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

gp-se
I'm an Advisor
In response to domino123

‎07-25-2018 06:30 PM

@domino123 wrote:

I apologize for not updating this thread a while ago.

 

The IPSec VPN issue should be fixed by now for everybody.

 

I have been told by Rogers Enterprise Technical Support that a fix for the entire network has been rolled out on Jul 2/3  for Ontario Central region and soon after that to the East and West regions.

 

Here's the message i received on 6/29:

"The issue is still not fixed. We have done the workaround currently. The issue is with NAT64 and UDP checksum failing for IPSec session. As Rogers is implementing IPv6 to the network, there were some configuration and bugs. We are working diligently to resolve this issue permanently. In fact, the fix is scheduled to be implemented on Monday night/Tuesday morning (Jul 2/3) for Central region. It would then be deployed to the East and West region."

 

I have tested my other phones after the fix has been rolled out and I can confirm that the issue is fixed.

 

Hope it helps,

 

 

 

@domino123

Weird because my phone still won't show my ip camera over HSPA or LTE. On WiFi (any network, home or work) it shows the feeds.

 

0 Likes

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G

malone46844
I've Been Here Awhile
In response to gp-se

‎07-25-2018 07:11 PM

My experience is that IKEv1 (IPSec) is fixed on standard ports but OpenVPN on 1194 is not.  If you control the OpenVPN server then you can switch it to UDP/443 and that is working correctly (for us).

 

Getting the 'fix' by submitting your IMEI number gets you an IPv4 address, but it is only for that hardware - change your phone and you will be back to IPv6 only.

 

YMMV.

0 Likes
Copyright © 2023 Khoros, LLC