As of Wed 9/14/2016 I am no longer able to connect though my opendns VPN on my iOS device. I'm using OpenDNS's Umbrella IPSEC VPN tunnel for iOS. Their service works fine on any wi-fi I am connected to but does not work when I try and use it via LTE. I began using it in July 2016 and up until Wed it worked fine.
I initially contacted OpenDNS and they had me run several diagnostics and believe the issue is with Verison and a change that was made in routing IPSEC traffic.
If this is not the correct forum for technical support please kindly direct me to the correct location.
The members John_Getzke and 7e18n1 are much more familiar with VPN issues then I am.
I'm most definitely NOT a VZW employee. If a post answered your question, please mark it as the answer.
We want to make sure that you are able to use your phone the way you need to at all times, CuRooster. You mentioned this change came about on Wednesday the 14th. At that time, did you do any updates on your device? Software/application?
Follow us on Twitter @VZWSupport
If my response answered your question please click the �Correct Answer� button under my response. This ensures others can benefit from our conversation. Thanks in advance for your help with this!!
VzW changes things all the time and when they do they don't seem to be in any hurry to reverse such changes that may affect users. I think you'll fair better by calling Customer Service (800) 922-0204 to complain and go on record. Beyond that, try another VPN.
for user comments:
I work for OpenDNS\Cisco. We have had two reports of this when users hit our Seattle datacenter. It works fine if they are on WiFi so it points to an issue when they route via the VZW network.
Traceroutes do reach the datacenter but they are unable to establish an IPSEC connection.
Can we get this escalated to your network operations team?
I have already sent an email to as they are listed as the tech contact in ARIN.
All pertinent information is below. Don't hesitate to contact me directly if you need more information.
Our Server addresses they would connect to would be m13.sea.opendns.com and m14.sea.opendns.com
Client source addresses at time of failure were 126.96.36.199 and 188.8.131.52
traceroute to vpn.umbrella.opendns.com (184.108.40.206)...
0 193.sub-66-174-27.myvzw.com (220.127.116.11) 25.72ms 17.87ms 55.38ms
1 100.sub-69-83-157.myvzw.com (18.104.22.168) 37.27ms 28.95ms 29.87ms
2 178.sub-69-83-157.myvzw.com (22.214.171.124) 25.72ms 26.93ms 39.97ms
3 194.sub-69-83-157.myvzw.com (126.96.36.199) 37.78ms 19.09ms 30.83ms
4 12.sub-69-83-144.myvzw.com (188.8.131.52) 26.73ms 25.59ms 31.88ms
5 141.sub-66-174-24.myvzw.com (184.108.40.206) 23.82ms 184.24ms 45.13ms
6 lag-101.ear2.seattle1.level3.net (220.127.116.11) 44.89ms 22.73ms 46.81ms
7 - * * *
8 open-dns-in.ear3.seattle1.level3.net (18.104.22.168) 109.2ms 40.59ms 37.47ms
9 m14.sea.opendns.com (22.214.171.124) 28.96ms 39.46ms 29.77ms
Here is a reverse trace our server to the clients address at time of failure (stops at hop 6)
[ ~] $ traceroute 126.96.36.199
traceroute to 188.8.131.52 (184.108.40.206), 30 hops max, 60 byte packets
1 rtr1.sea.opendns.com (220.127.116.11) 0.268 ms 0.262 ms 0.361 ms
2 7-1-16.ear3.Seattle1.Level3.net (18.104.22.168) 0.554 ms 0.524 ms 0.524 ms
3 * * *
4 VERIZON-WIR.ear2.Seattle1.Level3.net (22.214.171.124) 1.379 ms 1.361 ms 1.360 ms
5 140.sub-66-174-24.myvzw.com (126.96.36.199) 4.340 ms 142.sub-66-174-24.myvzw.com (188.8.131.52) 1.555 ms 4.759 ms
6 13.sub-69-83-144.myvzw.com (184.108.40.206) 1.418 ms 15.sub-69-83-144.myvzw.com (220.127.116.11) 1.408 ms 13.sub-69-83-144.myvzw.com (18.104.22.168) 1.378 ms
7 * * *
8 * * *
Without a specific error message to help you research there isn't much the community can do for you on this one. VPNs should be compatible with VZWs network, but you may have to tweak them from time to time to get them to work. This is normally a task for the VPN administrator, someone who has access to the VPN server or can adjust how the VPN is connecting behind the scenes.
It might be better to check with OpenDNS on this one to see if any other users are experiencing the same problems and hop onboard that support train for a resolution. I can almost guarantee that VZW is not going to make a change to their network if they are responsible for the outage on their NAT Firewall. You will have to configure around VZW instead.
The OpenDNS technical support engineer from OpenDNS I am working with had posted some trace logs to this thread to help Verizon Engineers figure out what is happening.
If if you haven't reached out to them yet please do so. I'm diligently working with them to get additional networking details to help trace down this issue.
I have exactly the same issue starting at the same time. I am sure this is a Verizon Wireless issue in the Seattle area. I have a second VPN provider besides OpenDSN Umbrella and it has the same problem - negotiation with VPN provider fails. The error is also on my second iPhone. VPN works fine over WiFi. It does not work over Verizon cellular.
I have tried contacting Verizon support but the people I talked with did not understand the issues and referred me to my VPN provider. I too have worked with OpenDNS and the problem definitely appears to be with Verizon. The OpenDNS support, based in Massachusetts, was able to establish VPN connection in his area over Verizon.
Who at Verizon can help? This is very frustrating.
I have both iPhone 6 and 5s. The problem is on iOS 9.3.5 and 10.0.1.
Can you provide the VZW community with the error messages or error information you have received from OpenDNS so far? That will help us track and compare the problem with others who are reporting the issue in that area.
If this is a regional issue to Seattle that may help the case with getting traction with VZW support engineers. Especially if we can confirm that it works just outside of that service area, that this is something that VZW intends to work.