I can't see the network between two TL-R600VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2020-10-27 14:17:50 - last edited 2021-04-18 10:46:24
Model: TL-R600VPN  
Hardware Version: V4
Firmware Version:

Hello everyone, I need your help.

I am trying to make an IPSEC VPN between two sites using two TL-R600VPN so that both sides access the network from the respective sides.

I managed to establish the connection between the routers; I can access router A through B and vice versa, but it is not possible to see the network content from both sides.

 

I noticed that the only way to start the tunnel is to set the negotiation mode to initiator on both routers; otherwise it does not get past: (WAN1: IKE negotiation phase 1 successful.) But when, after the tunnel is up, I change the mode to responder, the tunnel remains for a while and then drops, showing a timeout error.

 

I have already tried tips like disabling load balancing and control, disabling UPNP and especially the firewall of computers, but under normal conditions of operation of the router is it necessary to always disable the firewall?

 

I believe it is a matter of configuring the definition of IPs and subnets and configuring DHCP; in which case, is it necessary to create an IP pool? And how should the ideal configuration be within my topology below?

 

Router A: 192.168.0.1; WAN1 IP that comes from NAT (which I have already done by redirecting ports 500 and 4500) = 192.168.3.1; public IP of NAT = 177.192.18x.12x
Router B: 192.168.2.1; WAN1 IP that comes from NAT (which I have already done by redirecting ports 500 and 4500) = 192.168.200.1; public IP of NAT = 201.4.13x.8x
All computers on the networks have DHCP.

 

IPSEC CONFIGURATION ROUTER A

Policy Name: RoteadorA
Mode: LAN-to-LAN
Remote Gateway: 201.4.139.89
WAN: WAN1
Local Subnet: 192.168.0.0/24
Remote Subnet: 192.168.2.0/24
Pre-shared Key: 123456
Status: Enable

Phase-1 Settings
Proposal: md5-des-dh1
Proposal: ---
Proposal: ---
Proposal: ---
Exchange: Aggressive Mode
Negotiation Mode: Initiator Mode
Local ID Type: NAME
Local ID: 123
Remote ID Type: NAME
Remote ID: 321
SA Lifetime: 28800
DPD: Enable
DPD Interval: 10

Phase-2 Settings
Encapsulation Mode: Tunnel Mode
Proposal: esp-md5-des
Proposal: ---
Proposal: ---
Proposal: ---
PFS: none
SA Lifetime: 28800

IPSEC CONFIGURATION ROUTER B

Policy Name: RoteadorB
Mode: LAN-to-LAN
Remote Gateway: 177.192.181.124
WAN: WAN1
Local Subnet: 192.168.2.1/24
Remote Subnet: 192.168.2.0/24
Pre-shared Key: 123456
Status: Enable

Phase-1 Settings
Proposal: md5-des-dh1
Proposal: ---
Proposal: ---
Proposal: ---
Exchange: Aggressive Mode
Negotiation Mode: Initiator Mode
Local ID Type: NAME
Local ID: 321
Remote ID Type: NAME
Remote ID: 123
SA Lifetime: 28800
DPD: Disable
DPD Interval: 0

Phase-2 Settings
Encapsulation Mode: Tunnel Mode
Proposal: esp-md5-des
Proposal: ---
Proposal: ---
Proposal: ---
PFS: none
SA Lifetime: 28800


Re: I can't see the network between two TL-R600VPN
2020-10-29 10:36:10 - last edited 2021-04-18 10:46:24

Dear @sandrodiasalves,

 

The IPSec VPN configuration is not that complicated; we just need to ensure the settings match so that the two VPN routers can talk to each other successfully. All the necessary settings are mentioned in the VPN configuration guide.

 

I managed to establish the connection between the routers; I can access router A through B and vice versa, but it is not possible to see the network content from both sides.

 

The VPN tunnel is fine now. To figure out why you cannot see the network content from both sides, we can use the ping command to test the connectivity. To learn how to use the ping command: https://www.tp-link.com/support/faq/425/

 

Besides, it's important to check how you access the network content (what protocol it is based on).

 

I have already tried tips like disabling load balancing and control, disabling UPNP and especially the firewall of computers, but under normal conditions of operation of the router is it necessary to always disable the firewall?

I believe it is a matter of configuring the definition of IPs and subnets and configuring DHCP; in which case, is it necessary to create an IP pool? And how should the ideal configuration be within my topology below?

 

The firewall of computers may block the ping requests and block the point-to-point communication; it's necessary to disable firewall settings briefly to do the tests. There is no need to change any other unrelated settings on the routers.

 

Hope the above information is helpful.

 

P.S. I noticed that you have started another thread before. Sorry that we may not be able to help you in a rapid way on the Community. If you need urgent assistance, I suggest you may contact the local support instead, https://www.tp-link.com/support/contact-technical-support/#Hotline-Support

 

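The reply's point that the settings on the two routers must match can be checked mechanically. The following is an added example, not part of the thread and not TP-Link code: it compares two LAN-to-LAN policies for mirrored subnets and IDs, and also flags deprecated algorithms in the proposals. The dictionary field names and the 20-character pre-shared key threshold are assumptions of this example; the values are the ones posted above with whitespace normalized.

```python
import ipaddress

# Values copied from the two policies posted in the thread; the field names
# are this example's own, derived from the labels in the post.
ROUTER_A = {"local_subnet": "192.168.0.0/24", "remote_subnet": "192.168.2.0/24",
            "psk": "123456", "phase1": "md5-des-dh1", "phase2": "esp-md5-des",
            "exchange": "Aggressive Mode", "local_id": "123", "remote_id": "321",
            "pfs": "none", "dpd": "Enable"}
ROUTER_B = {"local_subnet": "192.168.2.1/24", "remote_subnet": "192.168.2.0/24",
            "psk": "123456", "phase1": "md5-des-dh1", "phase2": "esp-md5-des",
            "exchange": "Aggressive Mode", "local_id": "321", "remote_id": "123",
            "pfs": "none", "dpd": "Disable"}

WEAK = {"md5", "des", "dh1"}  # deprecated hash, cipher and DH group
MIN_PSK_LEN = 20              # assumed threshold, not a TP-Link requirement


def net(value):
    # strict=False accepts a host address such as 192.168.2.1/24
    return ipaddress.ip_network(value.replace(" ", ""), strict=False)


def check_pair(a, b):
    """Return findings for two policies that should mirror each other."""
    findings = []
    for name, x, y in (("A", a, b), ("B", b, a)):
        if net(x["remote_subnet"]) != net(y["local_subnet"]):
            findings.append(f"{name}: remote subnet {net(x['remote_subnet'])} "
                            f"!= peer local subnet {net(y['local_subnet'])}")
        if net(x["remote_subnet"]).overlaps(net(x["local_subnet"])):
            findings.append(f"{name}: remote subnet overlaps its own LAN")
        if x["remote_id"] != y["local_id"]:
            findings.append(f"{name}: remote ID does not match peer local ID")
    for key in ("psk", "phase1", "phase2", "exchange", "pfs", "dpd"):
        if a[key] != b[key]:
            findings.append(f"differs: {key} ({a[key]} vs {b[key]})")
    # Proposals are checked on side A only; a differing B is reported above.
    for key in ("phase1", "phase2"):
        weak = sorted(WEAK & set(a[key].split("-")))
        if weak:
            findings.append(f"weak {key} proposal {a[key]}: {', '.join(weak)}")
    if a["exchange"].lower().startswith("aggressive") and len(a["psk"]) < MIN_PSK_LEN:
        findings.append("aggressive mode with a short pre-shared key")
    return findings


if __name__ == "__main__":
    for line in check_pair(ROUTER_A, ROUTER_B):
        print(line)
```
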