Home

Forums

Stories

Knowledge Base

Business Community > Routers > IPSEC Client-to-LAN full tunnel, router not reachable

< Routers

IPSEC Client-to-LAN full tunnel, router not reachable

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

IPSEC Client-to-LAN full tunnel, router not reachable

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Christiaan1981

2020-04-16 07:53:18 - last edited 2021-04-19 11:19:10

Posts: 2

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-04-16

IPSEC Client-to-LAN full tunnel, router not reachable

2020-04-16 07:53:18 - last edited 2021-04-19 11:19:10

Model: TL-R600VPN

Hardware Version: V4

Firmware Version: 4.0.3 Build 20190227 Rel.48206

When I have a IPSEC Client-to-LAN connection setup which routes 0.0.0.0/0 directly through the tunnel, I cannot access the IP of my TL-R600VPN anymore. It can't even provide DHCP leases anymore. The IPSEC server on the other side is StrongSwan on CentOS. I can access the TL-R600VPN from that server, but not from my LAN anymore.

Anybody know how I can fix this?

3 Reply

Andone

LV4

2020-04-17 02:33:04 - last edited 2021-04-19 11:19:10

Posts: 747

Helpful: 115

Solutions: 18

Stories: 0

Registered: 2018-07-19

Re:IPSEC Client-to-LAN full tunnel, router not reachable

2020-04-17 02:33:04 - last edited 2021-04-19 11:19:10

@Christiaan1981

A little confused. StrongSwan is your VPN server or R600VPN is your VPN server?

And where did you set the routes 0.0.0.0/0? If you set the route on your PC, it may make your PC send the data to the wrong gateway and cannot access R600VPN. If you set the route on R600VPN, it should be not able to make all traffic go to IPsec VLAN tunnel because IPsec VPN is not based on route.

Christiaan1981

LV1

2020-04-17 21:03:44 - last edited 2021-04-19 11:19:11

Posts: 2

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2020-04-16

Re:IPSEC Client-to-LAN full tunnel, router not reachable

2020-04-17 21:03:44 - last edited 2021-04-19 11:19:11

@Andone Strongswan is my VPN server. The R600VPN connects to it as Client-to-LAN IPSEC. Then the remote is always 0.0.0.0/0.

I can't use LAN-to-LAN because I want to route all traffic over the VPN.

Andone

LV4

2020-04-20 10:52:54 - last edited 2021-04-19 11:19:11

Posts: 747

Helpful: 115

Solutions: 18

Stories: 0

Registered: 2018-07-19

Re:IPSEC Client-to-LAN full tunnel, router not reachable

2020-04-20 10:52:54 - last edited 2021-04-19 11:19:11

@Christiaan1981

As I know, R600VPN only support to be a VPN server if choose Client-to-LAN IPSEC. And its IPsec VPN doesn't support to route all traffic over the VPN. Maybe it cannot meet your requirements. If you want to route all traffic over the VPN, you can choose L2TP or PPTP VPN. The below FAQ is a reference. The Strongswan will be the VPN server and PC will be the VPN client.

https://www.tp-link.com/en/support/faq/2137/

IPSEC Client-to-LAN full tunnel, router not reachable

IPSEC Client-to-LAN full tunnel, router not reachable

Information

Voters 0

Tags