TLDR: VPNs sometimes don’t work on EE’s mobile network due to IPv6. This blog post contains a ready-made device profile that forces IPv4 on EE’s mobile data network.
I set up a L2TP/IPSec VPN on my Synology Diskstation to be able to connect to the home network when out and about. While this works fine when I’m on WiFi, I couldn’t get it to work when on EE’s mobile data network on my iPhone. When connecting VPN I would get the message “The L2TP-VPN server did not respond. Try reconnecting. if the problem continues, verify your settings and contact your Administrator”
There are various posts on https://community.ee.co.uk that suggested it might be to do with Data Content Controls, but enabling Full Access here didn’t help.
There are other posts that suggest it is something to do with IPv6, and disabling IPv6 would do the trick, but iOS 12 doesn’t appear to have an end-user configurable option to do so.
Thankfully, there is a way I discovered thanks to this Apple StackExchange answer using the Apple Configurator which is a freely-available macOS tool typically used by businesses to customise their employees’ iOS devices. Using the Apple Configurator you can create a profile file which is an XML file with a “.mobileconfig” file extension.
By creating a cellular configuration you can specify the APN settings (Access Point Names) used by your phone that lets it know how to log onto the mobile data network of your provider and you can force it to use just IPv4. The EE ones available from apn-settings.com so I filled them in and also set the IP versions to just IPv4
To install the EE IPv4-only profile
Here is the profile I created: EE APN IPv4.mobileconfig ← click this link to download the profile. You will be prompted: “This website is trying to open Settings to show you a configuration profile. Do you want to allow this?”
Click Allow and on the Install Profile screen click Install at the top right:
Follow any prompts to install the profile.
To remove the profile
If you switch to another carrier, especially if you are roaming in another country you might need to remove the profile for mobile data to work (I don’t know for sure, not tried it abroad yet). To remove the profile, go to Settings > General > Profile & Device Management:
From here you can remove the profile.
3 thoughts on “SOLVED: Connecting iPhone to L2TP/IPSec VPN on EE”
Thanks Duncan, just what I was after!
Thanks Ducan, your profile fixed my L2TP connectivity via EE!
However, the profile introduced another issue for me. With the profile installed I could no longer use my iPhone as a hotspot for my MacBook. It would tether the devices but the MacBook would report no connectivity to the internet.
Have you seen this issue?
Hi Sony, I wonder if it is something to do with iPhone/Mac hotspot requiring IPv6 to do its magic… How about trying tethering over USB (i.e. via the lighting cable) or Bluetooth? See https://support.apple.com/en-gb/HT203302