Menu
Reply
  • 6
  • 0
  • 0
IanJeffray
Tuning in
1,282 Views
Message 1 of 11
Flag for a moderator

VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

I've been directed here by the VirginMedia Twitter people... my issue is fairly straightforward;

Since Apple killed off PPTP support with iOS10, and the Virgin "super" hub doesn't allow L2TP pass-through, what are we to do about VPN access?     I'm a long time Virgin customer, and I'm network admin for our small company, trying to support other users getting access to our workplace LAN -- PPTP was never ideal, but we allowed it for Virgin customers because L2TP was blocked.  Now we're really stuck.  Why doesn't Virgin support L2TP pass-through?  What's the deal?

 

0 Kudos
Reply
  • 9.88K
  • 323
  • 854
legacy1
Hero
1,266 Views
Message 2 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

The easiest solution is just your own router use modem mode.

People don't seem to understand just how broken VM is becoming due to the demand for router mode something an ISP like VM should not be doing because they will do it on a budget and with not enough testing.

Now if you wait they might fix it but if you need it now cross your fingers with glue and a cable tie...and duck tape.

  • 6
  • 0
  • 0
IanJeffray
Tuning in
1,264 Views
Message 3 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Yeah, modem mode isn't really a "solution" - requires buying new kit and a semblance of network savvy.   It's disappointing how braindead VM's router is (or at least the interface they expose).

0 Kudos
Reply
  • 9.13K
  • 302
  • 981
Forum Team
Forum Team
1,179 Views
Message 4 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Hello IanJeffray

 

Sorry you are having a few problems using VPN. Our customers use a few different hubs, is it just the new hub 3 you have noticed an issue with?  We did carry out trials on the same firmware level released at the moment and VPN was found to work. To be honest I am not sure of the protocols involved in the testing, whether it was L2TP or whether it was blocked. I have spoken to our firmware team and in general VPN seems to be working, I wonder if any of our forum community using a working VPN with a hub 3 would be kind enough to share details.

 

Thank you

Nicola

Virgin Media Forum Team
  • 6
  • 0
  • 0
IanJeffray
Tuning in
1,171 Views
Message 5 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Hi Nicola_C,

It's a SuperHub 2 that I've got, according to the sticker on its base.   That's the latest that was available when I was bumped to the 'new' 100Mbps (now 150Mbps) service which required a hub upgrade.  I'm not sure what kit other Virgin customers I need to support have actually got. (I've got a box with FOUR different previous hubs/modem models you've sent me over the past 17 years I've been a Telewest/BlueYonder/Virgin customer...  there's a lot of variety!)

I'd definitely like to hear from anyone that's managed to get L2TP to work with VirginMedia's standard installation (ie, not modem mode -- I don't consider that a 'solution' to this issue).   Or if I can get hold of a SuperHub 3 somehow, I'd be very happy to simply just try it for myself.

Thanks,

Ian

0 Kudos
Reply
  • 17.45K
  • 1.61K
  • 3.01K
Superuser
Superuser
1,165 Views
Message 6 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Have you got all pass-through options enabled in your Hub i.e in Advanced Settings > Security > Firewall ?

There is one for PPTP specifically, but then there are also ones for IPSec and Multicast.
**********************************
I work for Virgin Media - but all opinions posted here are my own
0 Kudos
Reply
  • 9.13K
  • 302
  • 981
Forum Team
Forum Team
1,164 Views
Message 7 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Hello Ian

 

I was just looking into this as Ben posted. Are you using IPSec with L2TP, here are the settings Ben mentioned

 

 

 

Nicola

Virgin Media Forum Team
  • 14
  • 0
  • 2
kbro
Tuning in
1,096 Views
Message 8 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

I'm having exactly the same problem with a Virgin Super Hub 2ac (hardware version 1.03 software version V1.01.1).  I have a Mac mini with macOS Sierra 10.12.1 and Server 5.2 connected via Ethernet, and I've used DHCP address reservation to give it a fixed IP address which I've then configured as the DMZ host in Advanced Settings > DMZ.  And, yes, I've ticked the checkbox to enable DMZ and clicked Apply!  I've got a free DDNS account at noip.com which the Mac mini is configured to update, and I've visited http://en.utrace.de to find my public IP address and confirm that it matches my DDNS hostname.  Finally, I used Server on the Mac mini to enable the L2TP VPN, and I confirmed that I can connect to it from my iPhone 6 when it's connected to the SuperHub wifi, using the mini's reserved 192.168.0.x IP address.

With all this in place, I then turn off WIFI on my iPhone and, using the Remoter VNC app, I attempt to connect to my DDNS hostname using SSH.  It connects, so absolutely everything is in place.  Next I edit my VPN profile to change 192.168.0.x to my DDNS hostname.  I then attempt to connect the VPN. It fails with a message saying "The L2TP-VPN server did not respond."

So either the Super Hub is failing to pass the L2TP traffic to my Mac mini when it comes in on the broadband line (remember, the hub DID pass the traffic when it came in over local wifi), or else the Virgin network isn't carrying the L2TP traffic, or else Vodafone (who supply my 4G SIM) aren't carrying the traffic.

My money is on the Super Hub being at fault.

0 Kudos
Reply
  • 14
  • 0
  • 2
kbro
Tuning in
1,093 Views
Message 9 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Oh, and I tried disabling the firewall altogether in Advanced Settings > Security > Firewall. Still didn't work.
0 Kudos
Reply
  • 14
  • 0
  • 2
kbro
Tuning in
1,079 Views
Message 10 of 11
Flag for a moderator

Re: VPN: Apple killed off PPTP, Virgin router doesn't allow L2TP through - what now?

Finally bit the bullet, put the Super Hub in Modem mode, connected up my old Apple Time Capsule and re-applied the VPN setting in the Server app on my mini. Server detected the presence of an Apple router and offered to configure it to allow the VPN to be visible on the internet. I said "yes" do it did, setting up Port Forwarding for UDP 500, 1701 and 4500 from the TC to my mini. And now it works. Marvellous. And since I now have a proper router I can set the DNS servers too, which was one of my main irritations with the Super Hub before now.

I'm not too upset about the "extra box" in this setup because I previously had the TC on my network anyway, acting purely as a NAS. I didn't use it for wifi because it's an ond one that only does 182.11n, so I can no longer get the full-bore 150Mbps download speed on my MacBook Air - it speaks at about 120 but more realistically runs at about 90. Guess I'll have to put a new Time Capsule on my Christmas list :-)
0 Kudos
Reply