I’m experiencing the exact same issue with my Samsung A32 5G. Just activated this phone last Friday and tried to connect to my work VPN over the hotspot and it’s just left to “Connecting”. I tried troubleshooting based on internet suggestions to change the mobile network away from 5G so either (a) LTE/3G/2G or (b) LTE/3G but experienced the same issue. I moved the SIM card to my previous Oneplus 6T and it is working. That is my current workaround but this is seriously an issue that T-Mobile needs to look into and fix. So now I have to carry 2 phones just in case I need to work and access my work file network.
Today (5/22/21), I was advised by tier 2 technical support that T-mobile does not support the use of VPNs through a cell phone hot spot. This was in response to my issue of not being able to establish an IKEv2 VPN from my laptop through the hot spot on a Samsung S20G FE. (I can do so using a different ISP without issue). When I asked for the document that stated as much, it was not immediately available. I was told I would have a copy within 72 hours. I am not holding my breath.
I can establish an SSL-based VPN connection through the hotspot, probably because SSL has to be supported for an internet connection to be of any value whatsoever.
I consider this a material failure since T-mobile does not make this information available when one signs up. I am considering legal action to negate the contract.
I don't known if this will help but I could not use my tmo samsung s20+ 5g phone as a Hotspot to VPN into office from a laptop. The solution was to change the properties of the wifi Hotspot device on my laptop to unchecked ipv6 and everything worked fine.
I don't known if this will help but I could not use my tmo samsung s20+ 5g phone as a Hotspot to VPN into office from a laptop. The solution was to change the properties of the wifi Hotspot device on my laptop to unchecked ipv6 and everything worked fine.
It’s something worth trying, but it did not help me. The core issue is that T-mobile does not support VPNs through a cell phone hotspot - as they have told me. SSL-based VPNs do work, not because T-mobile goes out its way to support them but because SSL is so pervasive a hotspot that did not allow it would be all but useless.
In my case, I am trying to use an IKEv2-based VPN - which is native to Windows - but requires a bit of effort on the part of the carrier to allow the necessary ports and protocols to be opened/allowed. T-mobile is apparently unable or unwilling to make this effort.
I have the same problem. I think it has to do with T-Mobile using ipv6 instead of ipv4. Any suggestions on a work around?
T-Mobile using ipv6 instead of ipv4.
Keep in mind that, at least for me, the WatchGuard SSL VPN (based on OpenVPN) works just fine with the phone’s hot spot and I know the firewalls at the other end are not using IPv6 (I manage them…. :)).
Find out for sure whether your VPN is SSL-based or IPSEC/IKEv2-based. If the former, there may be something you can do, but if it’s the latter, you may be out of luck.
Both types of VPN work just fine when I use my regular ISP (Cox Cable).
Hopefully this helps someone else. I had this same problem with my s21 5g phone. I saw a suggestion to switch to 3G. Poof. I immediately connected to my work VPN. I was then able to switch my phone back to 5G and stay connected. The next time I tried I left it on 5G and it worked. I don’t know the technical reason, but it seemed like it somehow couldn’t pass the VPN security while on 5G, but after connecting once, it’s all good. Maybe someone else can explain better, but worked for me.
Hopefully this helps someone else. I had this same problem with my s21 5g phone. I saw a suggestion to switch to 3G. Poof. I immediately connected to my work VPN. I was then able to switch my phone back to 5G and stay connected. The next time I tried I left it on 5G and it worked. I don’t know the technical reason, but it seemed like it somehow couldn’t pass the VPN security while on 5G, but after connecting once, it’s all good. Maybe someone else can explain better, but worked for me.
Thank you for the information. Please clarify whether you were making the VPN connection from your phone itself or if you were making a VPN connection from your laptop and using the phone as a hotspot. Also, do you know what type of VPN you are using (SSL, IPSEC, IKEv2, etc.)?
At least some of the folks in this thread are trying to do the latter (connecting from a laptop)
I have had the same problem with my Samsung A32 5G for the last 3 months, giving up. All devices connected to its Hotspot go to "connected without internet" any time after connection, rendering Hotspot virtually useless. Two more warranty replacement units failed in the same way. The same A32 of my wife's works fine though, even VPN connection too. Oneplus N200 5G and older Samsung J7 Star work flawlessly. 5G related? What is going on, T Mobile? I have been left in the lurch with your nonchalance.
Back in 2020, I was able to work remotely through VPN using the t-mobile hotspot without issue. Now the reliability of the connection seems iffy, and I am not able to access certain things as I could before. In addition, previously I could connect to Udacity’s coding modules without issue (while not connected to VPN), but now they seem to be blocked while on hotspot.
I am not sure what has changed, using the same phone as before, but this really has put a major damper on my ability to use my laptop remotely.
I found a post about turning off IPv6 on my WiFi connection on my Windows laptop that resolved this issue for me.
The issue I was having was that from my Windows laptop, I was NOT able to VPN into my workplace using my personal hot-spot thru my iphone 12 (I’m running iOS 15.1.1) using TMOBILE.
To resolve the issue, I had to disable IPv6 on my Wireless connection on my laptop.
Do disable IPv6 on my Wireless connection on my Windows laptop I did these steps:
- Open “Network and Internet Settings”
- Under “Advanced Network Settings”, Click on “Change adapter options”
- It will bring up a list of Network connections, double click on the one that says “Wi-Fi”
- In the new dialog box, click on “Properties” bottom left, do NOT click on “Wireless Properties”
- The next dialog box will have a list of "This connection uses the following items”
- Scroll down in that list to find “Internet Protocol Version 6 (TCP/IPv6)”, this will be in the list after the “Internet Protocol Version 4 (TCP/IPv4)”.
- Uncheck the box in front of “Internet Protocol Version 6 (TCP/IPv6)”. Leave the IPv4 checked.
- Hit “OK”
After I did these steps I was able to use the VPN client (in my case it is the FortiClient VPN) and I was able to successfully VPN thru my hot-spot thru my TMOBILE service.
I also went back and retested using a normal WiFi connection (thru my home network) and everything still worked in that case too.
I am supporting a user with a new S21, Can’t connect with Global VPN client on a laptop tethered to the phone. The sim card in another device works this way, and their previous phone, an S10 worked this way.
I have tried all the methods mentioned. But through testing I have determined for sure that the packets are not arriving to the Sonicwall at all. The other interesting thing is that on the phone, if you download the GVPN app, it connects on the phone no problem. But when a laptop is tethered, it goes around that VPN client on the phone and doesn’t work. It appears that the phone itself is blocking or somehow that phone on the T-Mobile network is blocking ports 500/4500 only on the hotspot connection.
This user needs to use their phone as a hotspot and connect their business laptop to their office VPN connection.
I have not found a solution yet.
I’m having this issue now too. Used to work fine on my Pixel 5.. not sure I ever used it on the P6, and now have a P7Pro.
My IPSEC VPN (Global Protect) will not work over the hotspot. It shows connected, but attempts to access anything internal behind the VPN go nowhere. External access to CNN, Google, etc. work fine.
If I set the VPN client to use SSL only, it works. And of course everything works fine from a land-based OSP.
Tmobile - really need an answer here. My phone is on a business account and I need to be able to access my corporate VPN via hotspot. This is ridiculous.
I just found this thread because I’m having the same problem. Hotspot on a Google Pixel 5a. The Sonicwall VPN client on my laptop appears to be having its connection attempts blocked. Everything else works. Fortunately, I’m just testing a new laptop, and it won’t actually be used this way. But it would have been nice to know so I didn’t spend an hour troubleshooting.
Yeah, this worked on my P5. I am wondering if only newer phones are able to filter out this IPSEC based traffic?
Either way, T-Mo needs to step up and at least answer why they are doing this, if not stop all together. It’s insane that they would block a corporate user trying to VPN back to their corporate network to do some work, while allowing hotspot video streaming. Not sure what they are trying to accomplish here.
Experiencing the same issue receiving numerous calls from our employees working from home using T-mobile’s new 5g home internet. My IPSEC VPN (Global Protect) will not work over the other T-mobile hotspots either. Spent half the day with Sonicwall’s engineering to find T-mobile’s service was not passing the VPN traffic on ports 500 & 4500. Hot spots on Verizon and ATT work with no issues.
Yeah, this worked on my P5. I am wondering if only newer phones are able to filter out this IPSEC based traffic?
Either way, T-Mo needs to step up and at least answer why they are doing this, if not stop all together. It’s insane that they would block a corporate user trying to VPN back to their corporate network to do some work, while allowing hotspot video streaming. Not sure what they are trying to accomplish here.
That’s my guess. It was never an issue on my P3, only my P5 (and I assume my P7Pro, but have not tested it yet).
@T-Mobile - why can we not get an answer here?
So my situation was a little different since I was using a work laptop and Inseego MiFi hotspot and my work laptop is using Cisco AnyConnect Secure Mobility Client VPN. My work laptop locks down Network Preference Properties behind an admin account so I couldn't access any settings there. And the VPN only utilizes IPv4. However, I was able to get the Cisco VPN to work by logging into Inseego Web Admin panel. Once there, I navigated to Settings -> Advanced -> LAN -> IPv6 and unchecking the IPv6 box. Hope this helps someone!
So my situation was a little different since I was using a work laptop and Inseego MiFi hotspot and my work laptop is using Cisco AnyConnect Secure Mobility Client VPN. My work laptop locks down Network Preference Properties behind an admin account so I couldn't access any settings there. And the VPN only utilizes IPv4. However, I was able to get the Cisco VPN to work by logging into Inseego Web Admin panel. Once there, I navigated to Settings -> Advanced -> LAN -> IPv6 and unchecking the IPv6 box. Hope this helps someone!
I will have to see if I can disable IPv6 on my P7Pro and test it. Thanks!
Still think T-Mo needs to step up and explain why they would block something that most business users would utilize.
I found a post about turning off IPv6 on my WiFi connection on my Windows laptop that resolved this issue for me.
The issue I was having was that from my Windows laptop, I was NOT able to VPN into my workplace using my personal hot-spot thru my iphone 12 (I’m running iOS 15.1.1) using TMOBILE.
To resolve the issue, I had to disable IPv6 on my Wireless connection on my laptop.
Do disable IPv6 on my Wireless connection on my Windows laptop I did these steps:
- Open “Network and Internet Settings”
- Under “Advanced Network Settings”, Click on “Change adapter options”
- It will bring up a list of Network connections, double click on the one that says “Wi-Fi”
- In the new dialog box, click on “Properties” bottom left, do NOT click on “Wireless Properties”
- The next dialog box will have a list of "This connection uses the following items”
- Scroll down in that list to find “Internet Protocol Version 6 (TCP/IPv6)”, this will be in the list after the “Internet Protocol Version 4 (TCP/IPv4)”.
- Uncheck the box in front of “Internet Protocol Version 6 (TCP/IPv6)”. Leave the IPv4 checked.
- Hit “OK”
After I did these steps I was able to use the VPN client (in my case it is the FortiClient VPN) and I was able to successfully VPN thru my hot-spot thru my TMOBILE service.
I also went back and retested using a normal WiFi connection (thru my home network) and everything still worked in that case too.
THANK YOU THANK YOU for this post. My IT Department could not figure this out. I found your post, sent it to them and what do ya know? I was able to successfully connect to my work VPN from my hotspot on my iPhone 14!!!!
I had the same issue using the RG2100 5G hotspot. I found a work around by limiting the hotspot bandwith down from 5G to LTE only. Slower connect speeds but allows for VPN.
I found a post about turning off IPv6 on my WiFi connection on my Windows laptop that resolved this issue for me.
The issue I was having was that from my Windows laptop, I was NOT able to VPN into my workplace using my personal hot-spot thru my iphone 12 (I’m running iOS 15.1.1) using TMOBILE.
To resolve the issue, I had to disable IPv6 on my Wireless connection on my laptop.
Do disable IPv6 on my Wireless connection on my Windows laptop I did these steps:
- Open “Network and Internet Settings”
- Under “Advanced Network Settings”, Click on “Change adapter options”
- It will bring up a list of Network connections, double click on the one that says “Wi-Fi”
- In the new dialog box, click on “Properties” bottom left, do NOT click on “Wireless Properties”
- The next dialog box will have a list of "This connection uses the following items”
- Scroll down in that list to find “Internet Protocol Version 6 (TCP/IPv6)”, this will be in the list after the “Internet Protocol Version 4 (TCP/IPv4)”.
- Uncheck the box in front of “Internet Protocol Version 6 (TCP/IPv6)”. Leave the IPv4 checked.
- Hit “OK”
After I did these steps I was able to use the VPN client (in my case it is the FortiClient VPN) and I was able to successfully VPN thru my hot-spot thru my TMOBILE service.
I also went back and retested using a normal WiFi connection (thru my home network) and everything still worked in that case too.
This worked for me, thanks for the help! I also use FortiClient through my employer and couldn’t connect via my iPhone hotspot. Disabling the IPv6 as you detailed here worked!
VPN (SonicWall) will not connect over T-mobile 5G Hotspot
This vpn works fine with WFI but it will not work with the hotspot
using A71 Samsung 5G phone with T-mobile service and extra downloading (paying extra but not using this because it will not connect to VPN)
VPN software SonicWall
VPN was working a month ago and then the phone did an update and immediately the VPN stopped working
VPN hanging at acquiring ip
I bought this 5G phone as a hotspot for work and now it does not work at all with VPN. :(
I found a post about turning off IPv6 on my WiFi connection on my Windows laptop that resolved this issue for me.
The issue I was having was that from my Windows laptop, I was NOT able to VPN into my workplace using my personal hot-spot thru my iphone 12 (I’m running iOS 15.1.1) using TMOBILE.
To resolve the issue, I had to disable IPv6 on my Wireless connection on my laptop.
Do disable IPv6 on my Wireless connection on my Windows laptop I did these steps:
- Open “Network and Internet Settings”
- Under “Advanced Network Settings”, Click on “Change adapter options”
- It will bring up a list of Network connections, double click on the one that says “Wi-Fi”
- In the new dialog box, click on “Properties” bottom left, do NOT click on “Wireless Properties”
- The next dialog box will have a list of "This connection uses the following items”
- Scroll down in that list to find “Internet Protocol Version 6 (TCP/IPv6)”, this will be in the list after the “Internet Protocol Version 4 (TCP/IPv4)”.
- Uncheck the box in front of “Internet Protocol Version 6 (TCP/IPv6)”. Leave the IPv4 checked.
- Hit “OK”
After I did these steps I was able to use the VPN client (in my case it is the FortiClient VPN) and I was able to successfully VPN thru my hot-spot thru my TMOBILE service.
I also went back and retested using a normal WiFi connection (thru my home network) and everything still worked in that case too.
This worked for me, thanks for the help! I also use FortiClient through my employer and couldn’t connect via my iPhone hotspot. Disabling the IPv6 as you detailed here worked!
Score! I was also stuck using my company-supplied VPN (FortiClient) and my IT department swore up and down that it must be T-Mobil that is the problem (well it is in the end...). This finally fixed my issue after trying to figure it out on my own for months on end. Last week I was sitting in front of an empty church glomming off of their unprotected wifi signal just so I could obtain a file from my company servers. No more!
I found a post about turning off IPv6 on my WiFi connection on my Windows laptop that resolved this issue for me.
The issue I was having was that from my Windows laptop, I was NOT able to VPN into my workplace using my personal hot-spot thru my iphone 12 (I’m running iOS 15.1.1) using TMOBILE.
To resolve the issue, I had to disable IPv6 on my Wireless connection on my laptop.
Do disable IPv6 on my Wireless connection on my Windows laptop I did these steps:
- Open “Network and Internet Settings”
- Under “Advanced Network Settings”, Click on “Change adapter options”
- It will bring up a list of Network connections, double click on the one that says “Wi-Fi”
- In the new dialog box, click on “Properties” bottom left, do NOT click on “Wireless Properties”
- The next dialog box will have a list of "This connection uses the following items”
- Scroll down in that list to find “Internet Protocol Version 6 (TCP/IPv6)”, this will be in the list after the “Internet Protocol Version 4 (TCP/IPv4)”.
- Uncheck the box in front of “Internet Protocol Version 6 (TCP/IPv6)”. Leave the IPv4 checked.
- Hit “OK”
After I did these steps I was able to use the VPN client (in my case it is the FortiClient VPN) and I was able to successfully VPN thru my hot-spot thru my TMOBILE service.
I also went back and retested using a normal WiFi connection (thru my home network) and everything still worked in that case too.
As of yesterday, for me, this is no longer an option. It appears that you can not disable IPv6 on a wifi connection. It completely looses connection. Also unable to use ZScaler OR PIA VPN services.
Unfortunately I am going to have to leave T-Mobile over this.
Anyone else run into this just recently?