Business Community > Routers > how to create a site-to-site VPN
< Routers

how to create a site-to-site VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

how to create a site-to-site VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
how to create a site-to-site VPN
how to create a site-to-site VPN
2019-11-21 08:38:05 - last edited 2021-04-19 11:42:47

Hi all,
I have to create a site-to-site VPN and I would like to use only tplink routers.

 

I kindly need some confirmation/suggestion about how to go ahead

 

I think I would have, in both site:

 

  • the modem of my provider
  • behind the modem, connected on the WAN port, my tplink router (I thought to TL-ER6120)
  • behind the router, connected on the LAN port, a firewall, unless I can use TL-ER6120 as a firewall
  • behind the firewall the LAN

 

My questions are:

 

  1. has the above configuration a sense?
  2. the tplink router TL-ER6120 can also run as a firewall?
  3. have I to ask to my internet provider some special/particular configuration on their modem (no NAT or something else...) to let my cfg run?

 

thanks to all!

 

  0      
 
  0      
 
#1
Options
5 Reply
Re:how to create a site-to-site VPN
2019-11-22 05:37:59 - last edited 2021-04-19 11:42:47

@alemadama 

 

For how to configure site to site VPN, you can refer to the TP-LINK FAQ.

https://www.tp-link.com/en/support/faq/2163/

 

TP-LINK can run as a simple firewall. Actually it needs to based on what you need for firewall. TP-LINK router has NAT. External devices cannot access internal devices directly. And still has some firewall features, you can see its firewall menu.

 

If your modem is not a NAT, it means that your ER6120 will get public IP address. Then you don't need to ask your ISP anything. Just configure the router according to the above FAQ.

  0  
  0  
#2
Options
Re:how to create a site-to-site VPN
2019-11-22 08:05:24 - last edited 2021-04-19 11:42:47

Hi @Andone  and thank you a lot for this great and easy guide!

 

really appreciate!

 

I take advantage of your kindness with 2 questions:

 

1. do you thnk it should be possible to "put my tp-link routers in place of ISP routers"?

the procedure would be the same?

 

2. if my ISP routers had NAT, what would change in that procedure?

 

thanks again!

  0  
  0  
#3
Options
Re:how to create a site-to-site VPN
2019-11-25 01:08:04 - last edited 2021-04-19 11:42:47
If your ISP just provide the Ethernet cable to you and your tp-link router supports the dialup way that your ISP uses, then the tp-link router can replace the ISP router. And VPN settings would be the same. If you still use ISP router and it has NAT, then you need to open TCP/UDP port on ISP router. Like IPsec VPN, it needs to open UDP500 and UDP4500. And you may need to use aggressive mode for IPsec VPN on both routers.
  0  
  0  
#4
Options
Re:how to create a site-to-site VPN
2019-11-25 05:44:29 - last edited 2021-04-19 11:42:47

@Andone thank you again for your answer!

 

is there a way to know what is the dialup way that one ISP uses?

 

just to choose the right ISP and the right TPLINK

 

thanks

  0  
  0  
#5
Options
Re:how to create a site-to-site VPN
2019-11-26 06:16:49 - last edited 2021-04-19 11:42:47
You can choose your ISP firstly. Then consult the dialup way of your ISP. TP-LINK generally support PPPoE, dynamic IP and static IP.
  0  
  0  
#6
Options

Information

Helpful: 0

Views: 3238

Replies: 5

Related Articles
Cannot create working Site-To-Site VPN Tunnel
3115 0
Site to Site VPN issue
522 0
ER7212PC - Can it be configured to use both a client to site VPN and a site to site VPN
168 0
ER7602 VPN Site-to-Site Azure
1323 0
Site to Site to Site
879 0
Discovery of Access Points over Site-to-Site VPN
292 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.