TL-R600VPN suggestions

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2019-10-11 20:22:03 - last edited 2021-04-19 11:50:50
Model: TL-R600VPN  
Hardware Version: V4
Firmware Version: 4.0.3 Build 20190227 Rel.48206

In testing out some inexpensive VPN routers to connect to a Barracuda NG firewall over IPSEC, I have some suggestions for the TL-R600VPN appliance:

1> Allow for overlap in local and remote IP ranges, such as: Local = 192.168.50.0/24 and remote as 192.168.0.0/16. Many other brands allow this and seem to exclude local ranges in the background. It greatly simplifies VPN setup.

2> In my environment, I have several subnets covered by the 192.168.0.0/16 range. Because this doesn't allow overlap, I had to create individual tunnels for each subnet range like 192.168.10.0/24, 192.168.20.0/24, 192.168.30.0/24 and so on. With the current interface, you have to set all the parameters exactly the same way for a common local/remote gateway pair or the screen will give an error and not allow a save. That is EXTREMELY time-consuming and error-prone to do when you have dozens of subnets to deal with. Instead, why not just allow additional local/remote subnet ranges under the same tunnel definition without having to deal with all the extra settings? Ubiquiti is a good example of one that works like this.

Although I've run into some other minor issues, those would go a long way toward making this a better product. Thanks for your consideration.

#1
1 Reply
Re:TL-R600VPN suggestions
2019-10-12 08:25:10 - last edited 2021-04-19 11:50:50

@11thPlague 

It's a good way to use 192.168.0.0/16 to merge different subnets.

It's also reasonable that the local subnet cannot overlap the remote subnet. Suppose the local subnet is the LAN: when the router receives data sent to the remote subnet, it has two choices, sending the data to the VPN tunnel or sending the data to the LAN according to the routing table. There may be a conflict.

#2
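The overlap discussed in this thread, worked through as an added example (not part of either post and not TP-Link's code): it carves the local LAN out of the remote range to get non-overlapping selectors, and shows how a longest-prefix-match route lookup would pick between LAN and tunnel. The function names and the `lan`/`vpn` labels are hypothetical, and longest-prefix matching is an assumption about a generic router, not a statement about how the TL-R600VPN behaves.

```python
import ipaddress


def carve_remote(remote, local):
    """Return the remote prefixes left after excluding the local LAN.

    If the local network is not inside the remote one, the remote range is
    returned unchanged; a remote range that sits inside the LAN is rejected.
    """
    remote_net = ipaddress.ip_network(remote)
    local_net = ipaddress.ip_network(local)
    if not local_net.subnet_of(remote_net):
        if local_net.overlaps(remote_net):
            raise ValueError("remote range lies inside the local LAN")
        return [remote_net]
    # address_exclude() yields the minimal set of prefixes covering
    # remote_net minus local_net (empty when the two are identical).
    return sorted(remote_net.address_exclude(local_net))


def lookup(dst, routes):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, via) for net, via in routes if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


# Values taken from the first post; "lan" and "vpn" are constructed labels.
LOCAL = "192.168.50.0/24"
REMOTE = "192.168.0.0/16"
ROUTES = [
    (ipaddress.ip_network(LOCAL), "lan"),
    (ipaddress.ip_network(REMOTE), "vpn"),
]

if __name__ == "__main__":
    print("Non-overlapping remote selectors:")
    for net in carve_remote(REMOTE, LOCAL):
        print("  ", net)
    for dst in ("192.168.50.7", "192.168.10.7"):
        print(dst, "->", lookup(dst, ROUTES))
```

The eight carved prefixes cover every address in 192.168.0.0/16 except the local /24, which is the set a device that forbids overlap would need configured as separate remote ranges.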