Samsung SCH-LC11 Blocks Microsoft VPN
abailey
Newbie

Just got our new Samsung SCH-LC11 Mifi's today. Very impressed by the speed however we discovered a huge limitation. It appears that the Mifi blocks GRE traffic, even after enabling the "VPN Passthrough Enable". I contacted the VZW support line, spent 45 minutes with the rep who finally told me this device is intended for "home" users that don't connect to VPNs. I then asked him why is there a "VPN Passthrough" function and why do they highlight this product in the VZW Business site?

 

I checked the VZAM.net site and there is no VZAccess for this model yet.

 

Anyone else heard of this issue or tried to connect to a Microsoft VPN using 4G service? I'm trying to figure out if it is the Mifi or Verizon that has an issue.

 

Thanks!

Labels (1)
0 Likes
Reply
1 Solution
ProfessorHP
Enthusiast - Level 1

+1 on the confirmation of the new firmware release (v.1.0.019). This device with the lates firmware supports PPTP and IPSEC.

 

FINALLY!

 

PHP

View solution in original post

0 Likes
Reply
51 Replies
LAughte792
Newbie

I am experiencing the same thing!  Why would they block that traffic.  I would think they would want business customers.  #FAIL

0 Likes
Reply
xraytango
Newbie

I have the same issue.  I enabled VPN passthrough.  I tried PPTP and IPSecs and neither work.  Again, this was marketed as a small business solution.  Now, I can't use my old 3G MiFi which worked fine!

0 Likes
Reply
willzzz99
Contributor - Level 3

What does the system log say?

0 Likes
Reply
dalewood
Enthusiast - Level 2

Same issue.

 

Microsoft PPTP hangs during authentication (to both Windows Server 2003 and 2008).   VPN passthrough is enabled within the SCH-LC11. 

 

Got my Sprint datacard out and confirmed that PPTP worked fine through it :smileyhappy:  It has also worked previously on the Verizon MiFi we upgraded (same laptop and same destinations just different datacards).

 

Real VPN software, Sonicwall in my case, works fine.

 

Opened a case with Verizon yesterday and they acknowledged this is an issue and they are busy working on a resolution.  Had a tech call back and want to run a trace while I tried to connect.

0 Likes
Reply
cyberdyne
Newbie

 

IPv4 addresses have almost ran out.  In order to conserve the remaining IPv4 addresses, a lot of carriers including Verizon Wireless are using private & NATd IP addresses.  If the device is a 4G device, the network will assign NATd IP addresses regardless of 3G/4G connection the device is making.
Of course, this is going to cause a problem with many remote applications such as VPN connectivity.  VPN may still be possible but may require additional configurations than previous 3G modems. 
VZW should have a static IP solution soon.  Depending on your needs I have found many remote apps like Hamachi and LogMein to work just fine over 4G.

 

0 Likes
Reply
stargate1
Newbie

"VZW should have a static IP solution soon"

 

Anybody know how soon?

0 Likes
Reply
cyberdyne
Newbie

I could give you a date but what good will that do?  Product & service launch dates almost always get pushed out / delayed.  I hope I am wrong but probally not.  I would guess  to see a static IP solution between May - July, but that is just a guess.  Any VZW rep that has told you a date as of the time of this post is just guessing too.  As of right now with 3G service only corporate accounts can sign up for static IP and it costs $500 for the one time setup fee.

0 Likes
Reply
odarky
Enthusiast - Level 2

I, too, have the same problem.  I work around it by connect to 3rd party VPN first, then connect to my Microsoft PPTP.

 

Me => 4G Mi-fi => StrongVPN => My work VPN (Microsoft PPTP)

 

If you have 3rd party VPN connection, give it a shot.

0 Likes
Reply
qustofla
Newbie

hi, I am not sure there is a way to contct anyone through this forum  I have the same problem and have been tryig to implement your solutions without much success.

If you could better explain the procedure and what 3rd party vpn software you used maybe I could get it to work.

I tried to "follow" but I am not sure if tht send you my email or not and I am afrid if I post it directly this whoe message may get deleted

Thanks.

PS:  I fully agree 100% with the diagnoses so far.  The ports needed for VPN and GRE recognition are what is missing
"

0 Likes
Reply
ChaunceyM_VZW
Contributor - Level 3

We would like to thank the community members for responding with great information. Several of your responses addressed the concerns expressed by abailey.

 

ChaunceyM_VZW Support 

0 Likes
Reply
Jearon
Newbie

 

Can you share which options specifically corrected the problem?

 

Thx.

0 Likes
Reply
ITKen
Newbie

I do not believe any acceptable solutions were given.  Only vague inferences as to what the problem could be.  Odarky's proxy setup is hardly an acceptable solution for a business environment.

 

I am seeing this issue as well.  Windows VPN works perfectly with 3G adaptor, but hangs at authentication on the Samsung 4G MIFI adaptor.  This seems like a pretty serious bug for a product that is being marketed to businesses.

0 Likes
Reply
rherman
Newbie

The Samsung is getting a public address of 10.x.x.x which is a provate address and is issuing 192.168.x.x which is a private address.  This means that you are being double natted which can cause problems for PPTP (Windows VPN).  This is a poor configuration by VZW however if they are out of public IPs there isn't much else that they can do.  The long term solution would be to issue these devices public IPV6 addresses.

0 Likes
Reply
yazza101
Newbie

I am blocked as well using Cisco IPSec VPN client.  I get an address on my company's internal network, but can't ping or access any network resources.  However, I am able to access resources using CIsco SSL VPN.

 

This is potentially a deal breaker...

0 Likes
Reply
willzzz99
Contributor - Level 3

It's probably the double NAT problem.

 

BTW VZW *very soon* WILL BE giving out public IP addresses (like consumer ISP's) but someone told me it will cost $500 and is aimed at businesses who need it. This is similar to the current 3G setup.

 

I would get a laptop card for the time being.

0 Likes
Reply
abailey
Newbie

I was just speaking with my Verizon Business rep and it is confirmed by Samsung that there is a problem with GRE on the LC11. They are telling customers that it should be fixed within 60 days (BLEH!). Samsung/Verizon is suggesting to people that you use L2TP instead, that is if your company allows it. 

 

Sounds like a bunch of crap to me!

 

0 Likes
Reply
NedP
Newbie

I am using the SCH-LC11 in the NYC area with a Juniper VPN.  I don't get blocked but I can not stay connected for more than 1 minute at which time the VPN is dropped completely.  So this appears to be a much larger issue for VZW and their business class customers.  What I wonder about is why there hasn't been any real publicity about this glaring problem.  Maybe if we can get this issue outside of this blog we can incent VZW to fix this sooner rather than later.  Just my two cents.

0 Likes
Reply
ZipTurtle
Contributor - Level 1

 


What I wonder about is why there hasn't been any real publicity about this glaring problem.

 

Don't know many businesses that would be inclined to announce they are having problems without needing to.  I'm sure there are a lot of users that don't use VPN where this is not an issue.

 

There are many other forums around that you can air the issue if you want.  Using these forums is by no means easy compared to most, you kind of have to go out of your way to use them.

 

I totally agree, this is a business class issue though and something they need to fix.  I'm sure they are working on it.

0 Likes
Reply
abailey
Newbie
BTW, I did setup L2TP and it does work through the LC11. if you are on Windows Vista, 7 or Server 2008, there is a registry hack that you have to do if your RRAS is behind a NAT as well. This KB says for Vista and Windows Server 2008 but it does apply to Windows 7 as well. Also had to allow the three UDP ports (1701, 4500 & 500) and L2TP System Option on our PIX.

http://support.microsoft.com/kb/926179
0 Likes
Reply
NedP
Newbie

Can someone from Verizon Wireless confirm whether this problem has been solved and if not when the fix will be available.  I have had to fall back to my 3G mifi and would really like to use the Samsung as I paid full rate for it.

 

thank you.

0 Likes
Reply