Hi everyone. I just ran into a strange issue: i have a rb4011 that serves as IPSEC\IkeV2 server to which i connect through the windows built-in client flawlessly. If i connect to my server from another network (i.e. from my office) i can reach every internal resource and i can browse without problems, but if i connect using my phone as hotspot i can reach every internal resource but i can’t browse. I can ping 8.8.8.8, i can even tracert google.com, but when it comes to load webpages i can only load google and get search results. I tried various configurations but this issue persists even in the basic wiki configuration. Do you guys have any advice? Thanks!
i connect using my phone as hotspot
What gets establishes IPsec connection, your phone or another device that uses your phone as a hotspot? If it’s the latter could be some traffic shaping done by your MNO specifically for the hotspot clients.
The connection to the VPN is established by the windows native client. the phone is used only to provide internet connection.
I suppose that this is plausible. I don’t know why i can access to lan resources tho.. if there is somthing on the provider’s side to limit the hotspot client it should not work at all, right?
I recommend taking a look with wireshark to see what goes through and what’s not.
If ping works but nothing else then it could be an MTU issue. Can you find the maximum payload size that works for the ping tool? This thread may be useful: http://forum.mikrotik.com/t/ikev2-mtu-issue/160805/1