1. mejim707's Avatar
    I have just purchased an HTC Thunderbolt. I need to be able to VPN to my corporate network using the phone. Now, the only way I can get this to work is by turning off LTE 4g. I do this by going into the secret menu *#*#4636#*#* - phone preferences then selecting CDMA auto PRL. This switches into perm 3G mode and I am able to VPN. But, if the LTE 4G is enabled VPN never connects. I don't understand this. I would love to be able to LTE for vpn since it's insanely fast! Please help me figure out this crazy issue. Thanks!
    Patrick Djuka likes this.
    06-28-2011 11:51 PM
  2. premise's Avatar
    I am able to vpn using wifi, 3g, and 4g. Not sure why you are having a problem but vpn over 4g works fine on my tbolt using stock rom.
    06-29-2011 01:00 AM
  3. sfam198's Avatar
    Are you accessing VPN on the actual phone? Or are you tethering your phone to a computer and accessing VPN on the computer? What VPN client are you using?

    I can access my corporate VPN when tethering my laptop to my phone over 4G. As a matter of fact I did just that over the last 2 weeks when I was traveling for work. It really is a life saver to be able to remote into a server at one location to fix an issue while driving 2 hours to fix a server at another location. And the 4G makes it like I'm sitting right in front of the console. Now if only I could get them to pay my phone bill in exchange for my increased productivity...

    My company doesn't "officially" support VPN on the actual phone yet, however they have given us the proper settings to try for the Citrix VPN client available on the market if we want to tinker with it. I've gotten logged in over 4G before, but there's nothing really set up on our end to do once you're logged in via the phone yet.
    06-29-2011 06:08 AM
  4. jim302's Avatar
    The issue is probably that you are getting a private IPv4 address from Verizon, as well as a public IPv6 address (LTE areas only).

    Most companies are still running VPNs on IPv4, and some VPNs won't play well with certain NAT implementations, which is used when you have a private IP address.

    When you disable 4G and eHRPD, you will start getting a public IPv4 address again.

    As you may have heard, we are running out of IPv4 addresses, and Verizon using NAT and Private IP addresses is a work around until more people deploy IPv6. Once your company deploys a VPN on IPv6, things should improve. However, this could take a while as this is a major transition and in some cases will require software/firmware updates on network equipment. Also, some very old operating systems don't always support IPv6, so all of that has to be retired as well.

    You can ask Verizon if they have any way to get a public IPv4 address, but I am not sure if this is available yet, and there may be a fee for this.
    06-29-2011 07:40 AM
  5. mejim707's Avatar
    I'm thinking you must be correct about the private vrs public IPv4 address. I will check with Verizon to see if they could help with this. Thanks
    07-06-2011 08:55 AM
  6. dbornack's Avatar
    The issue is probably that you are getting a private IPv4 address from Verizon, as well as a public IPv6 address (LTE areas only).

    Most companies are still running VPNs on IPv4, and some VPNs won't play well with certain NAT implementations, which is used when you have a private IP address.

    When you disable 4G and eHRPD, you will start getting a public IPv4 address again.

    As you may have heard, we are running out of IPv4 addresses, and Verizon using NAT and Private IP addresses is a work around until more people deploy IPv6. Once your company deploys a VPN on IPv6, things should improve. However, this could take a while as this is a major transition and in some cases will require software/firmware updates on network equipment. Also, some very old operating systems don't always support IPv6, so all of that has to be retired as well.

    You can ask Verizon if they have any way to get a public IPv4 address, but I am not sure if this is available yet, and there may be a fee for this.
    I don't buy it..

    I'm a network engineer that sets up VPNs all the time, and we're definitely not running IP4 at my company, and I have zero trouble. I use VPN over LTE ALL THE TIME.
    07-06-2011 03:40 PM
  7. jim302's Avatar
    I don't buy it..

    I'm a network engineer that sets up VPNs all the time, and we're definitely not running IP4 at my company, and I have zero trouble. I use VPN over LTE ALL THE TIME.
    Some VPNs work better behind NAT devices than others. Most companies are still using IPv4, and the private IP addresses Verizon is giving out will cause problems for some people.

    Also, when/if you are tethered via the mobile hotspot, you are using NAT again which further complicates this.

    Your VPNs might work, but not everyone is using the same setup as you.
    07-06-2011 03:58 PM
  8. paintdrinkingpete's Avatar
    I don't buy it..

    I'm a network engineer that sets up VPNs all the time, and we're definitely not running IP4 at my company, and I have zero trouble. I use VPN over LTE ALL THE TIME.
    So...you're running IPv6?

    The IPv6 is only *part* of the issue, the bigger one, and more likely problem the OP is facing, is that apparently VZW assigns a non-routable IP when using LTE vs. a public, routable IP when connected to the 3G network. I have no idea how accurate any of this is, but I will testify that some VPN implementations have to be configured differently depending on whether a client is using.NAT or not.

    Maybe your VPN doesn't have a problem with it, but that doesn't mean that answer isn't correct.
    07-06-2011 04:06 PM
  9. mejim707's Avatar
    OK, if you're a "Network Engineer" and run VPN over LTE "ALL THE TIME" can you shed some light on this issue? This is a known issue. You are probably misunderstanding and not attempting a VPN connection using the built in VPN connectivity settings of the Droid OS.

    If I switch the LTE off using the hidden settings outlined in the original post I am able to connect to VPN using the built in Droid VPN connection then I am able to run telnets, pings remote desktops and so on directly from the phone using apps. However, if I do not disable LTE the vpn will never connect. On the other hand, if I use a laptop to tether to the phones wifi hotspot I am able to connect to VPN over LTE or 3G.

    Any help would be great.

    I don't buy it..

    I'm a network engineer that sets up VPNs all the time, and we're definitely not running IP4 at my company, and I have zero trouble. I use VPN over LTE ALL THE TIME.
    11-08-2011 10:55 AM
  10. reggiehenry's Avatar
    Well, my android phone supports VPN connection. I'd like to configure it to use android vpn when using WiFi in malls, etc.

    If anyone has configured their device, what settings did you use?
    02-04-2012 10:35 AM
  11. faio_sys's Avatar
    Alternativly you can work with a external VPN-Solution. Hosted VPN-Server e.g. OpenVPN where Clients available for most devices. Search for "vpn over lte" and youll find solutions for this circumstance.
    02-21-2014 03:07 AM
LINK TO POST COPIED TO CLIPBOARD