TL-MR6400 v3 IPsec issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TL-MR6400 v3 IPsec issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-MR6400 v3 IPsec issue
TL-MR6400 v3 IPsec issue
2019-01-18 20:39:35 - last edited 2019-01-23 03:45:54

Hello,

I have TL-MR6400 v3 with LTE as WAN. My mobile operator gives me local IP behind NAT. As I see IPsec is the only type of VPN on this router that can be a client. I have a Strongswan as IPsec server with real static IP.

The problem is that Tunnel status is UP but no packet goes to port 4500. In dump I can see only requests to port 500 from high ports of NAT server and responces back. IKEv1 phases went well.

Any ideas?

  0      
  0      
#1
Options
2 Reply
Re:TL-MR6400 v3 IPsec issue
2019-01-24 07:58:48

Hi, from the information you mentioned, it should be the two routers not support NAT-T, if they are support support NAT-T, you can see packets goes to port 4500.

  0  
  0  
#2
Options
Re:Re:TL-MR6400 v3 IPsec issue
2019-02-07 20:34:27 - last edited 2019-02-07 20:37:52

Hi, not fully understand why two.. Anyway, TP-Link support team replied to me: TL-MR6400 same as TP-Link Archer MR200 doesn't support NAT-T. To build IPsec real IP address required.

This makes TP-link router useless.. I'm wondering what was the idea not to give LTE-router VPN-client mode..

  0  
  0  
#3
Options