help with creating a simple VPN with TLR600VPn

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2020-10-15 17:36:31 - last edited 2021-04-18 10:48:03
Model: TL-R600VPN  
Hardware Version: V4
Firmware Version:

 

Good evening, I would like help from someone more experienced. I'm trying to set up a simple VPN to interconnect two stores at different addresses. I'm trying to do it according to the manuals available on the model's website, but I couldn't understand how to proceed with links with CGNAT and static IP, because I use Net for internet (which, by the way, is crap). I asked for ports to be opened (80, 8080, 1701, 1723, 500, 4500 ... among others, for the creation of the VPN and other applications), but I was unable to confirm whether they were in fact opened; a tremendous bureaucracy.

I'm asking for a fixed IP to see if it helps, but in the meantime I keep trying. My biggest doubt is about the IPs: the part where the IPsec LAN IPs are configured I understood correctly, but not the port forwarding, and that is where it gets tricky, because, as the IP of the Net modem is 192.168.0.1 and the VPN router is 192.168.1.1, I cannot forward to the IP of the VPN router inside the Net modem, as they are different. I even tried to leave the modem as a bridge, but that also doesn't work. I made all possible combinations, but when I check, the tunneling is not going. The topology looks something like this:

 

Store A net modem ip: 192.168.0.1 = dynamic ip TLR600VPn router 192.168.1.1

Shop B hi modem ip: 192.168.2.1 = fixed ip 202.192.0.1 TLR600VPn router 192.168.3.1

 

So, I would like to know how to distribute the IPs so that there is no conflict or overlap, how to properly forward the ports using the correct IPs, and what is the simplest correct configuration within the TLR600VPn router. Thank you very much for the help.

#1
Re:help with creating a simple VPN with TLR600VPn
2020-10-16 08:23:44 - last edited 2021-04-18 10:48:03

Dear @sandrodiasalves,

 

I even tried to leave the modem as a bridge, but that also doesn't work. I made all possible combinations, but when I check, the tunneling is not going. The topology looks something like this:

Store A net modem ip: 192.168.0.1 = dynamic ip TLR600VPn router 192.168.1.1

Shop B hi modem ip: 192.168.2.1 = fixed ip 202.192.0.1 TLR600VPn router 192.168.3.1

 

It seems that the TL-R600VPN routers are behind NAT (the modem/router), as the WAN IP addresses on the TL-R600VPN are private IPs 192.168.0.X and 192.168.2.X. To set up the VPN successfully, you may need to open ports on the front NAT devices; make sure the ports (UDP 500 & UDP 4500) are open for the two R600VPN routers.

 

Note: if the WAN IP address on the TL-R600VPN router is still a private address when you set the modem as bridge mode, you may need to contact your ISP to open the ports so that you can set up the VPN connection.

 

 

Here is a detailed configuration guide for your reference (refer to the optional step - 2.2.3 Implement configuration for NAT devices)

IPsec LAN-to-LAN VPN Configuration- 2.2.3 Implementing configuration for NAT Devices

 

In addition, please also check the firmware update for the router, it's suggested to use the router with the latest firmware.

https://www.tp-link.com/support/download/tl-r600vpn/v4/#Firmware

#2
Re:help with creating a simple VPN with TLR600VPn
2020-10-16 18:23:13 - last edited 2021-04-18 10:48:03

@Fae 

 

The TL-R600VPN routers are receiving public IP from the modems, but my problem is precisely how to define and configure the IPs. For example, which will be the Remote Gateway within the router's IPsec VPN configuration: must it be the operator's public IP or the modem IP?

Regarding port forwarding, I contacted the operator, and they informed me that my IP is not in CGNAT and that there are no port restrictions. To test whether there would be a problem, I tested a port (7070) connecting my computer directly to the operator's modem in bridge mode and it worked perfectly, but when testing with the TL-R600VPN router, creating the Virtual Server for my computer's IP, it didn't work; the port is blocked. I believe that this is not due to router or computer firewall.
Another question regarding port forwarding: in the case of IPsec configuration, which IP would you use to do the port forwarding (Internal Server IP)? Would it be the IP that comes from the modem? Or the IP of the TL-R600VPN router itself?

 


 

Another question is how to proceed with the dynamic IPs of the operator. I keep in mind that they are renewed with each restart of the modem; would it be necessary to use DDNS, and how would that be done in practice?
I don't know if I can post a backup file of the router so you can see how my configuration is and modify it correctly, but if I could it would be an excellent alternative.
I appreciate everyone's help.

 

#3
Re:help with creating a simple VPN with TLR600VPn
2020-10-16 18:45:31 - last edited 2021-04-18 10:48:03
#4
Re:help with creating a simple VPN with TLR600VPn
2020-10-19 03:11:22 - last edited 2021-04-18 10:48:03

Dear @sandrodiasalves,

 

The TL-R600VPN routers are receiving public IP from the modems, but my problem is precisely how to define and configure the IPs. For example, which will be the Remote Gateway within the router's IPsec VPN configuration: must it be the operator's public IP or the modem IP?

 

The Remote Gateway should be the public IP address of the remote router's side.

 

Another question regarding port forwarding: in the case of IPsec configuration, which IP would you use to do the port forwarding (Internal Server IP)? Would it be the IP that comes from the modem? Or the IP of the TL-R600VPN router itself?

 

The port forwarding is not done on the TL-R600VPN router but is to be done on the front NAT device (modem/router); the IP address is the WAN IP address of the TL-R600VPN router.

 

Another question is how to proceed with the dynamic IPs of the operator. I keep in mind that they are renewed with each restart of the modem; would it be necessary to use DDNS, and how would that be done in practice?

 

If the public IP address is dynamic, which would be changed after a restart of the modem, it would be necessary to configure DDNS to fix the public IP address to a domain name so that you don't need to reconfigure the IPsec VPN with the new public IP address to get the connection back. There is a configuration example for DDNS on the TL-R600VPN router you may refer to (Page 193-194).

https://static.tp-link.com/2018/201810/20181031/1910012490_TL-R600VPN_UG.pdf

#5
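An added example (not part of the thread or of TP-Link's material) that applies the rules from the replies above to the topology in the first post: it checks the subnets for overlap, decides from the router's WAN address whether UDP 500/4500 must be forwarded on the front modem, and picks the Remote Gateway value for each side. The /24 masks, the router WAN host addresses 192.168.0.2 and 192.168.2.2, and the DDNS hostname are constructed placeholders.

```python
import ipaddress

IKE_PORTS = (500, 4500)                         # UDP ports named in the thread
CGNAT = ipaddress.ip_network("100.64.0.0/10")   # RFC 6598 carrier-grade NAT range

# Constructed sample data based on the first post (masks and WAN hosts assumed).
STORE_A = {"name": "Store A", "modem_lan": "192.168.0.0/24",
           "router_wan": "192.168.0.2", "lan": "192.168.1.0/24",
           "public_ip": None, "dynamic": True, "ddns": "store-a.example.net"}
STORE_B = {"name": "Store B", "modem_lan": "192.168.2.0/24",
           "router_wan": "192.168.2.2", "lan": "192.168.3.0/24",
           "public_ip": "202.192.0.1", "dynamic": False, "ddns": None}

def behind_nat(wan_ip):
    """True when the VPN router's WAN address is not publicly routable."""
    ip = ipaddress.ip_address(wan_ip)
    return ip.is_private or ip in CGNAT

def overlaps(sites):
    """Return name pairs of subnets that overlap anywhere in the plan."""
    nets = []
    for s in sites:
        nets.append((s["name"] + " LAN", ipaddress.ip_network(s["lan"])))
        if s.get("modem_lan"):
            nets.append((s["name"] + " modem", ipaddress.ip_network(s["modem_lan"])))
    return [(a, b) for i, (a, na) in enumerate(nets)
            for b, nb in nets[i + 1:] if na.overlaps(nb)]

def plan(local, remote):
    """IPsec LAN-to-LAN values to enter on the local site's router and modem."""
    return {
        # Remote Gateway is the peer's public side; a DDNS name if it is dynamic.
        "remote_gateway": remote["ddns"] if remote["dynamic"] else remote["public_ip"],
        "local_subnet": local["lan"],
        "remote_subnet": remote["lan"],
        # Forwarding lives on the front modem and targets the router's WAN IP.
        # With the modem bridged (public WAN IP on the router) none is needed.
        "forward_on_modem": [("udp", p, local["router_wan"]) for p in IKE_PORTS]
                            if behind_nat(local["router_wan"]) else [],
    }

if __name__ == "__main__":
    print("overlaps:", overlaps([STORE_A, STORE_B]))
    for here, there in ((STORE_A, STORE_B), (STORE_B, STORE_A)):
        print(here["name"], plan(here, there))
```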
Re:help with creating a simple VPN with TLR600VPn
2020-10-20 16:38:37 - last edited 2021-04-18 10:48:03

@Fae 

Good morning. I would like to thank you for the help, but unfortunately I still have not managed to establish the connection; I believe it is a port issue.

On modem B I set up the forwarding to the router that is connected to it.

As for modem A, which is in bridge mode, how would the forwarding be done? Would it be to the modem's public IP? Or would it not be necessary?

Is it possible to share the backup file of a properly configured router with a topology close to the one I am using, so that I could compare and see whether there is something I am not seeing?

Thank you.

#6
Re:help with creating a simple VPN with TLR600VPn
2020-10-21 10:25:08 - last edited 2021-04-18 10:48:03

Dear @sandrodiasalves,

 

Sorry I can only help in English.

 

From the following picture, I notice that you have UDP port 500 & 4500 mapped for the internal host 192.168.200.13.

Does the TL-R600VPN behind modem B have WAN IP address 192.168.200.13?

 

 

 

There is no need to configure the virtual server on the TL-R600VPN router. If you still cannot get the VPN established successfully, please upload a document that includes the two Routers' Status and IPSec VPN configuration page (including Advanced Settings), as well as Log info for checking.

#7
Re:help with creating a simple VPN with TLR600VPn
2020-10-21 13:27:33 - last edited 2021-04-18 10:48:03

@sandrodiasalves 

 

Below are the screens of all the routers' configurations.

First, the screens of the TL-R600VPN router designated as 01.

Router A: according to the internet operator, there is no port blocking and it does not go through any other NAT.

Forwarding done on the modem

Port forwarding done inside the TL-R600VPN; it may be redundant, but I did it

IPsec configuration of the TL-R600VPN - 01

DDNS configuration

Below are the screens of the second router

Screens of the forwarding done on modem B

Screen of the forwarding done on router B

IPsec configuration done on router B

One question, and sorry for the lack of knowledge, but how can I test ports 500 and 4500? Even when I go to any site that tests ports and enter the public IP I receive from the operator, it says closed, even though I have done the proper forwarding on the modem.

Besides these IPsec, DDNS and virtual server configurations, is there any other setting on the TLR600VPn, such as load balancing or firewall, that could be affecting this?

#8
Re:help with creating a simple VPN with TLR600VPn
2020-10-22 03:42:27 - last edited 2021-04-18 10:48:03

Dear @sandrodiasalves,

 

Thank you for your reply with detailed information. Sorry that there is still no progress after multiple replies.

 

To better assist you, I'd like to escalate your case to our senior engineer who could help you more efficiently.

 

They will reach you later via your registered email address; please pay attention to your email box and reply back for further assistance.

#9