1 2 Previous Next 19 Replies Latest reply on Oct 20, 2014 11:07 AM by John Getzke

    VPN problems with MiFi 4620 - help!

    soaringdude

      I just got my MiFi 4620 and it is absolutely amazing how fast it is. I tested it at home and got on the network, VPN to work and connected with no problems. I hit the road and now I realized that while the VPN connection works and it establishes the VPN session, I can't access anything on my work network (as a matter of fact after VPN is setup, I can't even connect to the MiFi admin page locally).  I have been tweaking things and looking over all configuration and everything seems to be correct.  Any ideas?

       

      BTW, I am running the native VPN client on a Mac.  MTU is set to auto (1500), VPN passs through is enabled, port filtering is off.  And if I switch to a local WiFi (e.g. starbucks), VPN works just fine.

        • 1. Re: VPN problems with MiFi 4620 - help!
          eppie

          I just posted the same issue with my Mifi, except that its the 4510. Internet while connected to Mifi works good, but no functionality when I connect to my work Cisco VPN. No internet, nothing.

           

          Please tell me you have found a solution for this!!

          • 2. Re: VPN problems with MiFi 4620 - help!
            evdotech

            Make sure when configuring for VPN you set the following:

            Phase1
            EA: 3DES
            IA: SHA1
            DH: Group 1
            28800 Seconds

            Phase 2
            EA: 3DES
            IA: SHA1
            3600 Key
            No PFS

            • 3. Re: VPN problems with MiFi 4620 - help!
              eppie

              evdotech, thanks for your help and excuse my ignorance, but are these VPN settings or Wifi Device settings? Where would I locate these configurations to change them? I do not see these config settings to change in either my Cisco or Wifi settings/preferences. Sorry to bother you but that would really help me out.

               

              Thanks

              • 4. Re: VPN problems with MiFi 4620 - help!
                John Getzke

                MiFi's should be compatible with Cisco VPN's.  I use both the 4510L and the 4620L with 2 flavors of Cisco.  No extra configuration is necessary for any of them.  Not sure about the default Mac VPN, never had a chance to confirm that one.

                 

                A little tidbit about VPN's.  When you enable a VPN tunnel back to your work you are effectively removing yourself from your local network.  That means that any local network devices like webcams, printers or router admin pages will not be accessible while the VPN is engaged. 

                 

                Given the tidbit from above your regular internet traffic should be working fine while VPN connected.  If your VPN is up and wordking but your traffic is not flowing through then there is most likely a proxy setting getting in the way.  In other words your machine is shooting its requests to an area that does not likely exist while on the VPN.  I'd suggest contacting the owner of your VPN to see what settings need to be enabled on your machine in order to communicate over the VPN.  Once you have the right settings configured everything should work.

                • 5. Re: VPN problems with MiFi 4620 - help!
                  asoroudi

                  I have been having the same issues, but with all my companies Windows XP/7  laptops. We have15 4510 mifi units, accessing VPN through Cisco VPN ipsec; no issues

                   

                  We bought 2 new 4620L Mifi, both of them with the same issue; won't connect through the Cisco ipsec VPN. We were told a firmware update is coming to fix the issue for 6 months, & firmware 3.20.11 was recently released. We updatde both Mifi 4620L units, neither works.

                  This is the exact line from the release notes for firmware 3.20.11; so there obviously is a known issue, which even though it says it fixes, it hasn't (for over 8 months now!!!!)

                   

                  "-Now able to connect to a VPN server when using IPSec over TCP"

                   

                  Verizon tech support has no clue & they keep putting me transferring me to the manufacturer of the mifi, which is Novatel. They keep telling me Verizon will release a new firmware & pass me back to Verizon.

                   

                  We can't be the only ones having this issue. Anyone else with ipsec VPN issues with the 4620L? Again, on the same exact laptops, the 4510L's work fine.

                   

                  I don't recommend anyone buy the 4620L mifi from Verizon until they have resolved their issues.

                  • 6. Re: VPN problems with MiFi 4620 - help!
                    John Getzke

                    What error messages are you recieving from Cisco IPSec VPN?  Perhaps those errors will shed some light about what is going on.  Cisco might be able to help you isolate the error message to a few possible causes too.

                     

                    Something that I bump into from time to time is the Win7 network detection process.  If Win7 has multiple network adapters enabled at the same time it might be making a wrong decision about its connection status and send requests to the wrong location.  I would try shutting down any extra adapters on one of your machines and try again.  All you should need enabled is the wireless and the cisco adapter.

                    • 7. Re: VPN problems with MiFi 4620 - help!
                      John Getzke

                      Another thread mentioned this link by Cisco:

                      https://supportforums.cisco.com/docs/DOC-17314

                       

                      Its worth a look, share it with your Network Admin if you do not have the permissions necessary to complete the steps. We happen to have our Cisco ASA configured correctly to allow the VPN traffic through Verizon. 

                      • 8. Re: VPN problems with MiFi 4620 - help!
                        asoroudi

                        Thx for the replies John;

                         

                        However, this is not a Cisco nor Windows 7 issue. Please see my previous post. All of our other Verizon, including other Novatel Mifi 4510 devices work fine. On the 4620, it doesn't even connect (you get a normal Cisco VPN client message saying unable to connect). On the same exact laptop, 4510 connects just fine. I have tested this on 15 laptops - same exact issue (I am the CIO).

                        It is a known issue on Verizon's side. They actually released a firmware a couple of weeks ago trying to fix it, which they didn't. In the release notes, it specifcially says:

                        "-Now able to connect to a VPN server when using IPSec over TCP"


                        Anyone else with any help or having the same issue (the issue is that it doesn't connect at all, not that it connects but has issues with the network resources).

                        Thx

                        • 9. Re: VPN problems with MiFi 4620 - help!
                          John Getzke

                          asoroudi wrote:

                          They actually released a firmware a couple of weeks ago trying to fix it, which they didn't. In the release notes, it specifcially says:

                          "-Now able to connect to a VPN server when using IPSec over TCP"

                           

                          I agree. I haven't seen any firmware updates for the 4510L or 4620L.  Can't seem to find the firmware notes for this device anymore but what you posted sounds familliar. 

                           

                          This wouldn't be the first time that the new VZW NAT network and devices has blocked legacy technology.  There are tons of complaints about anyone who needs unique IP's that are just out of luck.  If reconfiguration of your Cisco ASA is not an option then this will have to be chalked up as a limitation.  It will be interesting to see how the next MiFi device behaves.

                           

                          Like I said before, we use Cisco IPSec (V5.0.0.7) and it works fine with both the Mifi 4510L and 4620L.  However, we happen to be using that client on Win7 over UDP.

                          1 2 Previous Next