I have set up an L2TP VPN server on my ER-X (fw 1.10.10), and have used my Android phone to test it out.
- if I’m on my internal network (via wifi) it connects right away
- if I’m on an external network (via wifi) it connects right away
- if I’m on my LTE, it never connects
I’d like to think that it’s Rogers that’s to blame, but I also have an entry on my Android phone for a Meraki L2TP IPsec VPN (as I manage a small network) and that works just fine.
So I followed all the right steps on the guide from Ubiquiti and I can’t get this to work. I’ve read some other posts that some wireless providers are all IPv6, I have not found any solution to this whatsoever, some have said “call the ISP and ask them to change to IPv4”… laughable suggestion.
Meraki seems to work so it’s definitely a problem with Ubiquiti equipment/setup.
>>If anyone has found a fix for this stupid issue please do share, it’s quite frustrating. Ubiquiti doesn’t seem to give a $hit.
Furthermore: If you already have a site-to-site tunnel configured on your ER-X, you will need to use that SAME PSK for connecting to your L2TP VPN server, of course this isn’t mentioned anywhere. I find this stupid because you define a PSK in the L2TP config, but it is not using it for whatever reason.
Got this resolved, figured out the issue on my own.
What’s interesting is that I emailed support, they looked over the configuration, suggested things that were irrelevant to the problem I was having. They totally missed a misconfiguration issue, so with this I can conclude that their support is garbage as the people responding have no actual real knowledge. It’s the second time I actually went to support and both times I had the same experience.
Check your public IP address when on LTE and see if it’s IPv6. If it is then it won’t work.
What was the solution after all? It could be interesting documenting it here. Was it a default firewall rule that was blocking it?
I’m currently having the same problem with Koodo Mobile and I don’t seem to have an IPv6 address.
Whaat? Just like that?
I see that I have an IPv6 IP and the IPv4 IP is 192.0.0.4. Isn’t this IPv4 IP meant to do IPv4 to IPv6 conversion, or is that outbound? The ER-X needs to have something similar inbound?
This seems like a limitation of the Ubiquiti hardware, otherwise why then can I connect through LTE to a Meraki L2TP IPsec VPN?
If it’s a limitation of Ubiquiti equipment, is it just the ER-X or do all their routers have this problem?
Thanks
It’s weird but when I looked through the rule set, I found this problem. I only found this after watching someone on YouTube adding these rules via the GUI, and I had the state option wrong.
rule 20 {
    action accept
    description Allow_L2TP
    destination {
        port 500,1701,4500
    }
    log disable
    protocol udp
    state {
        invalid enable
    }
}
Weirder still, it wasn’t working on LTE. I created a new AP that forced IPv4 only. This worked, but I had issues with LTE/LTE+ connection after that.
I then switched back to the original AP and it worked. Not sure what happened there, but at least it’s working now just fine.
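An added example, not part of the post above and not Ubiquiti's code: a small Python audit of an EdgeOS-style rule block like the one posted. It assumes the posted rule with its closing brace restored; `parse_block` and `audit_rule` are hypothetical helper names. In EdgeOS a `state` block restricts a rule to the listed connection states, so the audit reports both an accept on `invalid` and a state match that leaves out `new`.

```python
# Added example: audit an EdgeOS-style firewall rule for L2TP/IPsec coverage.
L2TP_UDP_PORTS = {500, 1701, 4500}  # ports taken from the posted rule

# Constructed sample: the rule as posted, with the closing brace restored.
SAMPLE = """\
rule 20 {
    action accept
    description Allow_L2TP
    destination {
        port 500,1701,4500
    }
    log disable
    protocol udp
    state {
        invalid enable
    }
}
"""

def parse_block(text):
    """Parse brace-delimited 'key value' / 'name {' lines into nested dicts."""
    root = {}
    stack = [root]
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.endswith("{"):
            child = stack[-1].setdefault(line[:-1].strip(), {})
            stack.append(child)
        elif line == "}":
            stack.pop()
        else:
            key, _, value = line.partition(" ")
            stack[-1][key] = value.strip()
    if len(stack) != 1:
        raise ValueError("unbalanced braces")
    return root

def audit_rule(rule):
    """Return a list of findings for one parsed rule (empty list = clean)."""
    findings = []
    port_text = rule.get("destination", {}).get("port", "")
    ports = {int(p) for p in port_text.split(",") if p.strip().isdigit()}
    if rule.get("protocol") != "udp" or L2TP_UDP_PORTS - ports:
        findings.append("does not cover udp/500,1701,4500")
    states = {s for s, v in rule.get("state", {}).items() if v == "enable"}
    if rule.get("action") == "accept" and "invalid" in states:
        findings.append("accepts packets in state invalid")
    if states and "new" not in states:
        findings.append("state match excludes new connections")
    return findings
```

Calling `audit_rule(parse_block(SAMPLE)["rule 20"])` returns the two state findings for the rule as posted; the same rule with the `state` block removed returns an empty list.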
192.0.0.0/24 is a special purpose block. 192.0.0.4 is not a routable IP.
You’ll need a routable IP to make things work. You’re unlikely to get that from a cell provider these days.
Ugh, my bad, somehow I thought yours was a UDMP, which does not support IPv6 yet. I’m not sure about the ER-X.
So why does the Meraki L2TP VPN work then? If I can connect via L2TP VPN over LTE to another manufacturer’s device, then it points away from your explanation.
Would appreciate an answer from someone with actual Ubiquiti product knowledge to confirm if it’s in fact an issue with the device which it seems to point to.
-- further testing --
So, on Rogers network, on LTE with Android phone, Default APN:
Phone shows IPv6 IP, and the IPv4 IP is 192.0.0.4
Connects just fine to Meraki L2TP PSK VPN
Will not connect to ER-X L2TP, or PPTP
Read some garbage about EdgeOS not handling IPv6 properly for L2TP - would be nice to get a confirmation so I know to move off Ubiquiti product to one that works; ER-X is on 1.10.10
Messed with APN on phone, created a new one for Rogers with support IP as only IPv4. Rebooted phone, testing on LTE
Testing Meraki VPN - working as it did before
Testing PPTP to ER-X - now works and connects instantly
Testing L2TP to ER-X - still not working
Surely points to the Ubiquiti router not being able to handle IPv6, but since IPv4 is also not working I really wonder what’s up with the config.
Can anyone help here with this? Not sure what the issue …