Cameras viewable over VPN with Verizon SIM but not T-Mobile SIM

So with the help of some folks here I was able to get a VPN set up (IKEv2) to view a remote camera using my AirLink LX40. It works fine with my Verizon SIM but when I swap out to a T-Mobile SIM I can’t reach the camera.

The T-Mobile service connects, I have Internet and can ping the external IP that the VPN connects to but despite the tunnel showing UP on both sides, I cannot get to the camera behind the LX40.

I’ve already troubleshot this with Barracuda (firewall at HQ) and am still waiting to hear back from T-Mobile engineering. All indications seem to point to T-Mobile blocking something that isn’t allowing me to get to the camera but I don’t understand how if the tunnel is up.

Any thoughts?

Hi @b.gorsky,

According to your description, you have successfully set up the VPN, which works well with the Verizon SIM but encounters issues when switching to the T-Mobile SIM.
Therefore, please first double-check whether the issue comes from the T-Mobile SIM; you can try using a different T-Mobile SIM. If the issue persists, then seek assistance from the network provider.

Thanks,

That’s pretty much where I am at but I wanted to make sure I wasn’t missing something. Unfortunately troubleshooting anything advanced like this with the carriers is often a nightmare. Thanks.

T-Mobile claims to not be blocking anything but I’m not sure I believe them.

Is there anything else you can think of on the AirLink side that I might try?

Hi @b.gorsky,

  1. Please try using another T-Mobile SIM to check if the issue persists.
    If the problem continues, please provide log files and template files for when the LX40 works fine with Verizon and when the LX40 encounters issues with T-Mobile.

  2. Here are the instructions for obtaining the log file and template file:

2.1 The configuration template file can be found in ACEmanager → Template. Provide any desired name for the Template Name, and then press Download to retrieve the template file.

2.2 Obtain the log file:
a. Go to ACEmanager → Admin → Log → Configure Logging.
   - Set all log levels to DEFAULT (NOTICE).
   - Set Linux Syslog to DISPLAY.
   - Then select Apply.

b. Reboot the gateway.

c. Go to Admin → View log → Download Logs.

Thanks,

Here are the logs for the T-Mobile connection. Sorry for the delay.

T-Mobile.zip (16.1 KB)
20240506_171443_filteredlogs.txt (1.3 MB)

Here are the files when used with Verizon (same device model and config - AirLink LX40):
Verizon.zip (16.2 KB)
20240506_173345_filteredlogs.txt (1.5 MB)

Hi @b.gorsky,

After comparing the two template files, I noticed that the VPN is connected.
However, I also observed that when using the Verizon SIM, you have set the IP to 192.168.13.101 in the DHCP Reservation List section. Is that the IP for the camera? On the other hand, when you use the T-Mobile SIM, it’s not there. That could be the reason why you can’t reach the camera. Please double-check.

Thanks,

Yes, that is the camera (and good catch), but I can’t access anything across the VPN when I plug a laptop into the SW either.

I made some progress getting someone in T-Mobile to look at it. One of the things we did find was that if we use the VZW firmware instead of the generic Sierra FW, it appears that there is a VZW APN (vzwadmin?) embedded in the firmware. That wasn’t the issue with the VPN though. He noticed that even though the modem would connect and use the b2b.static APN of T-Mobile, somehow behind the scenes it was requesting the VZW APN. Weird. I noted it here in case it helps anyone else with another issue.

The only other thing the T-Mobile engineer mentioned was that he believes some devices are somehow hardcoded to Verizon and will not work with any other carriers. He told me they experienced this with Panasonic Toughbooks with “Verizon” modems built in. Looking at my LX40 a little closer, I noticed that the model on the label says “LX40, Verizon” - That said, the modem does connect and appears to pass regular traffic normally, except for the VPN issue.

T-Mobile finally found the issue. Apparently the SIM was provisioned for tablet use instead of router use.
Not really sure why that would make a difference but I am now able to pass traffic through the tunnel. Thanks for all your help here.