Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

iPhone L2TP Issues

Post Reply
 
AdamT77
just joined
Topic Author
Posts: 2
Joined: Thu Apr 25, 2024 2:19 pm

iPhone L2TP Issues

Thu Apr 25, 2024 2:32 pm

I am working on a complex config on another router, for simplicity I have setup a new router with the utmost basic config for a L2TP server.

I can connect to the VPN using my Mac and iPhone and can get traffic through to most websites (MacBook works fine). However when I try and load google and some other sites from the iPhone -- they do not load. I'm pretty sure this is MTU issue and I have tried changing the values aswell as added some mangle rules but still cannot get Google.com to load only on the iPhone. (Tested with Safari/Chrome) (Other things act strange aswell like the Apple AppStore won't load ('no connection error')

Scenario:
iPhone over Cellular 5G > Mikrotik L2TP = Google Does not work / AppStore does not load / other sites like Netflix work.
MacBook > Tethered to iPhone (over 5G) > L2TP Established via MacBook to Mikrotik Router = Google Works, no issues

Working from the Internal LAN, Google works for iPhone and there's no issues, so it's something related when L2TP is added into the mix. Tried dropping MTU to 1280 on the L2TP but this did not help and did not break anything so reverted back to default.

I am assuming that the MacBook is better handling the MTU vs the iPhone, any suggestions?

This is the whole config:
Code: Select all
/interface ethernet
set [ find default-name=ether5 ] name=SWITCH
set [ find default-name=ether1 ] name=WAN

/ip ipsec profile
set [ find default=yes ] dh-group=modp1024 enc-algorithm=aes-256 hash-algorithm=sha256

/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256,sha1 enc-algorithms=aes-256-cbc,aes-128-cbc

/ppp profile
set *0 dns-server=1.1.1.1 local-address=192.168.6.1 remote-address=192.168.6.10

/interface l2tp-server server
set enabled=yes ipsec-secret=secretkey123456 max-mru=1450 max-mtu=1450 use-ipsec=yes

/ip address
add address=192.168.6.1/24 interface=SWITCH network=192.168.6.0

/ip dhcp-client
add interface=WAN

/ip firewall nat
add action=masquerade chain=srcnat src-address=192.168.6.0/24

/ip ipsec policy
add group=*3 proposal=*1 template=yes

/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.6.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10

/ppp secret
add name=username password=password
Top
 
AdamT77
just joined
Topic Author
Posts: 2
Joined: Thu Apr 25, 2024 2:19 pm

Re: iPhone L2TP Issues

Fri Apr 26, 2024 4:25 pm

Despite this being an issue for months across 2 different sites, performing the troubleshooting in my original post and replicating the issue on a router with a basic config, this issue suddenly resolved itself. :shock:
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 20 guests
  4. RouterOS
  5. Beginner Basics