DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Apple iOS 14 VPN no longer connecting

  • bremen1874
  • Topic Author
  • User
  • User
More
02 Oct 2020 10:18 #1 by bremen1874
Apple iOS 14 VPN no longer connecting was created by bremen1874
Hi,

It appears that Apple has changed something in iOS 14 that's preventing me from connecting using L2TP.

It still works on more recent models I have at client sites (e.g. 2860) but doesn't on the 2920 I'm still personally using.

A quick Google shows that this is a known issue https://developer.apple.com/forums/thread/660499

Is there anything I can do on the router to fix the problem? I assuming not, and that this is something that would need to be fixed in the firmware which I doubt will happen with such an old device.

It's a shame as until now the 2920 has still been perfectly viable.

Please Log in or Create an account to join the conversation.

  • gaz8080
  • User
  • User
More
16 Oct 2020 01:26 #2 by gaz8080
Replied by gaz8080 on topic Re: Apple iOS 14 VPN no longer connecting
I have the same problem, I cannot connect to Vigor 2850 Vn from iPhone using iOS 14.

Can anything be done? I found this on Reddit:

Just an update: I got a reply from Apple to the feedback. The message is below:

Hello. We have upgraded the proposed ciphers in L2TP IPsec VPN to also propose SHA-256 for the Child SA in IPsec. The issue seems to be that the server is accepting SHA-256 cipher for the child but maybe dropping the ESP encrypted packets with SHA-256 HMAC. This may be because the server is performing a SHA-256 HMAC with 96 bits output instead of the standard expected 128 bits. This appears to be an issue for the VPN provider to resolve. Switching the SHA-256 HMAC output from 96 to 128 bits on the server should fix this issue.



https://www.reddit.com/r/MacOSBeta/comments/ih22h9/vpn_l2tp_over_ipsec_stopped_working_after/

Please Log in or Create an account to join the conversation.

  • hornbyp
  • User
  • User
More
17 Oct 2020 03:33 #3 by hornbyp
Replied by hornbyp on topic Re: Apple iOS 14 VPN no longer connecting

bremen1874 wrote:
It appears that Apple has changed something in iOS 14 that's preventing me from connecting using L2TP.

It still works on more recent models I have at client sites (e.g. 2860) but doesn't on the 2920 I'm still personally using.



I have an L2TP/IPsec VPN between a 2830n and 2860n. Somewhere on the web, I recently read about the currently recommended minimum key-lengths/algorithms etc for IPSec and noticed that the 2830n no longer meets these :cry: (Sorry, can't find the site now)

You can see what the 2920 does support, by going to 'VPN and Remote Access' >> 'LAN to LAN' - select an empty profile and hit "Advanced" in the 'Dial-Out Settings' section. (See the Drop-down lists for 'IKE phase 1/2 proposal'. (You can only manually select the options for Dial-out - for Dial-in, it presumably just tries to use what the other end suggests.)

Presumably Apple are now using something that the older Draytek's aren't capable of :cry:

Please Log in or Create an account to join the conversation.