Saturday, December 28, 2013

T-Mobile VPN Fix

Virtual Private Networking (VPN) is a secure (encrypted) way of connecting to private resources (business LAN, home computer) over the public Internet. To make a VPN connection, VPN client software typically connects to VPN server software. VPN types include Point To Point Tunneling Protocol (PPTP, deprecated but still useful) and OpenVPN (recommended, secure). But you may have a problem making VPN connections over T-Mobile USA wireless data.
The Symptoms: You are able to do things on your mobile device over T-Mobile data (browse the Internet, send and receive email, etc), and you are able to make VPN connections over Wi-Fi wireless, but you are not able to make VPN connections over T-Mobile wireless data. 
The Cause: T-Mobile apparently pushed out a data configuration in late 2013 that set APN Protocol to IPv6. That works properly for most things on mobile devices, but it prevents PPTP (built into Android) and OpenVPN (OpenVPN Connect) clients from making VPN connections.
The Cure: Open Settings > Wireless & Networks > More... > Mobile networks > Access Point Names > T-Mobile GPRS (fast.t-mobile.com) > APN protocol, and change the selection from IPv6 to IPv4/IPv6 IPv4 (see update below).
The Caveat: This cure was tested successfully with a Nexus 5 running Android 4.4.2 KitKat on a Prepaid plan, and it might not work properly on other devices or plans. Use at your own risk.
Update: IPv4/IPv6 currently causes issues with some websites (example), so try IPv4.

7 comments:

  1. Thank you! I had no idea why everything stopped working but that fixed it.

    ReplyDelete
  2. Thanks a lot for this. Works for me. I'm curious how you figured it out?

    ReplyDelete
    Replies
    1. I do networking professionally, and seeing issues in the transition to IPv6, so that's something I check when I encounter problems.

      Delete
  3. John

    I have this exact issue but am unable to alter Access Point Names, they are 'Greyed' out and not accessible. What would I do in that situation, any idea?

    Thanks in advance.

    ReplyDelete
  4. Problem solved: Create new access point using exact settings from fast.tmobile.com but change APN protocol to IPv4. Works fine now but a pity I had to configure a new access point instead of them allowing me to edit the existing one. Thanks for your article, it certainly helped me.

    ReplyDelete
  5. Thank you I found your blog. I am on the Nexus 5 $30 plan. You rock!

    ReplyDelete