MP70 IPSec Tunnel Problem

Very new to the Sierra world, so still very much learning. I work for an organization that is in the process of deploying some MP70 units. We are having a very hard time getting an IPSec tunnel setup. Whenever the tunnel is enabled/configured/applied on the router, as soon as it reboots, the router starts acting very strange. A lot of the time the cellular connection light will just blink red. If you keep rebooting it will eventually turn green, but even if it does, the internet does not work on the wireless or wired networks on the router. It absolutely will not work right until you disable the tunnel you are working on. I don’t understand what could be changing on the router when the tunnel is enabled that would prevent the cellular network connection from being made. Any help would be appreciated. Thanks!

Update to this: I backed the firmware down to On the 5 units I updated to the newest firmware, I was noticing a lot of really odd behavior. No such issues on the units since I reverted back to the old firmware. HOWEVER, I am still seeing an issue where when the VPN tunnel is enabled, clients connected to the router cannot connect to the internet. As soon as I disable the tunnel and reboot, clients can connect to the internet again. I would imagine there is a setting somewhere that I am missing but cannot figure it out.

Please make sure incoming and outgoing traffic are allowed when the VPN tunnel is enabled. You could go to ACEmanager -> VPN -> Split Tunnel to change the configuration.

We have 16 MP70 systems all setup to form VPN connections to out network (Ambulances), and everything works great. We’re on 4.9.3.x. When we upgraded to 4.12.x we lost the ability to connect to the devices (via AceManager) through the tunnel, and the devices stopped talking to Airvantage. I’ve since downgraded to 4.11.x, and everything works just like it did on 4.9. I see in 4.12 9and 4.13 now) that there are some new settings related to a VON setup, but I’m curious if anyone else has seen this odd behavior and has a suggestion. For reference, we pass all traffic back through the VPN to our network.

This issue is known and noticed in release note:,-d-,13,-d-,0-release-notes/
After upgrade to 4.13, default setting of “IPsec Implementation” is “Standard” and not merged with your old configuration.

If you still want to use old configuration, please change “IPsec Implementation” to “Legacy”, but Sierra recommend user should use new IPsec template(standard) according to use guide 41113545 Rev1:
“The AirLink MP70 supports Legacy IPsec implementation (in place prior to ALEOS
4.12.0) or the new Standard IPsec implementation. Sierra Wireless recommends that you
migrate any existing Legacy VPN implementations to the Standard version for increased
features and support.”


1 Like