VPN tunnel does not route packeages
I have two tunnels sitte-to-site, has gateway TL-ER6020 in each remote location TL-R600VPN, one tunnel works fine, but the other only sees or ping the TL-R600VPN rotuer ip, they are exactly the same, I have change ike policy and ipsec proposal and the tunnel still up, but only ping the router, I did uncjheck
Block Ping Packet From WAN Port |
Block Ping Packet From LAN Port
|
1.- does any body know why?
2.- can my router TL-ER6020 only sopports one ipsec tunnel?
any comments are welcome at this point.
Thank you
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
kotusha1 wrote
I have two tunnels sitte-to-site, has gateway TL-ER6020 in each remote location TL-R600VPN, one tunnel works fine, but the other only sees or ping the TL-R600VPN rotuer ip, they are exactly the same, I have change ike policy and ipsec proposal and the tunnel still up, but only ping the router, I did uncjheck
Block Ping Packet From WAN Port Block Ping Packet From LAN Port
1.- does any body know why?
2.- can my router TL-ER6020 only sopports one ipsec tunnel?
any comments are welcome at this point.
Thank you
Hi kotusha1
ER6020 should be able to set up multiple VPN tunnels.
Now you can ping ER6020 but cannot establish the VPN tunnel? Please make sure you have set up two IPsec VPN entries. If you are convenient, please post your configuration. Please note to hide your IP address.
- Copy Link
- Report Inappropriate Content
This are the two tunnela connected on router TL-ER6020, I changed IKE and ipsec credentials on tunnel 2 to test it that was the problem, but it it did not change a thing.
Information tunnel 1 - Gateway Side TL-ER6020 (The one working)
This is the branch side router TL-R600VPN
This is the tunnel that does not allow packages, only to the router 600vpn.
configuration on router TL-ER6020
This is the branch side router TL-R600VPN
- Copy Link
- Report Inappropriate Content
On branch side I'm able to ping the whole network (600VPN)
On Main Office side (TL-ER6020) can only ping the router (600VPN)
- Copy Link
- Report Inappropriate Content
This is the secury configuration on Router 600VPN, on the tunnel that is not working.
I have disable Dos attach Defense, but still does the same.
- Copy Link
- Report Inappropriate Content
According to the information you provided, the VPN tunnel was already established.
Do two R600VPN use the same firmware version? And you said that one VPN tunnel can work, one VPN tunnel has problem. Did you ping the same device? If the devices you ping are different, you can try to check the firwall of the deivces. Like Windows PC, we need to disable its firewall if we want to ping it.
For ER6020, you also can try to upgrade the latest beta firmware.
https://static.tp-link.com/2018/201803/20180330/TL-ER6020(UN)_v1_20180326_Beta.rar
- Copy Link
- Report Inappropriate Content
1.- both 600VPN have
Firmware Version: | 1.3.0 Build 160803 Rel.64469n |
Hardware Version: | R600VPN v3 00000000 |
2.- 6020 router has
|
3.- Im ping one computer and one DVR, the DVR does not have any firewall, plus I can ping it from the 600VPN, I still dont understand why is it not working.
- Copy Link
- Report Inappropriate Content
1.- I'd backup the configuracion of the working router, and restored it to the not working router.
2.- Disable the working router.
3.- Still the vpn tunnel does not work, I can only see the router.
This means that there is a malfuntion with the router 600vpn or a problem with the internet connection.
I will move the router to another location to see if it will work in another internet connection tomorrow.
- Copy Link
- Report Inappropriate Content
I forgot , I did upgrate the firmware to the router 6020, but it did not make any difference.
irmware Version: | 0.0.0 Build 20180326 Rel.35871 |
Hardware Version: | TL-ER6020 v1.0 |
- Copy Link
- Report Inappropriate Content
kotusha1 wrote
1.- I'd backup the configuracion of the working router, and restored it to the not working router.
2.- Disable the working router.
3.- Still the vpn tunnel does not work, I can only see the router.
This means that there is a malfuntion with the router 600vpn or a problem with the internet connection.
I will move the router to another location to see if it will work in another internet connection tomorrow.
The testing result that move the router to another location will be the important reference. Did you know any difference between two of your network?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2339
Replies: 9
Voters 0
No one has voted for it yet.