VPN ikev2 with more than one LANs doesn't work

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
12

VPN ikev2 with more than one LANs doesn't work

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
18 Reply
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-19 12:21:24

@shberge I configure it on both networks

Building A

Building B

But nothing works.

Another configuration of port forwarding is that on destination IP I set the public IP of each building respectively and VPN on remote gateway I set the public IP of another site with the specific port like public_IP:500 or public_IP:4500 (I try both of them) but nothing works. I believe that there is a bug in IKEv2 for tp-link

Network Engineer 1.0
  0  
  0  
#12
Options
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-19 14:29:42

@xperiments 

you have to do it on your router with public wan ip.

not on ER605 if it behind a nated router.

 

 

 

 

 

 

 

  0  
  0  
#13
Options
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-20 05:10:33

@xperiments Thanks for the response. I open the ports 500 and 4500 on ISP modem and doesnt work

Network Engineer 1.0
  0  
  0  
#14
Options
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-20 05:13:06

@xperiments then I do not know, I think you need to consult with tp-link support about this, maybe they have a solution.

 

  0  
  0  
#15
Options
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-20 05:42:55
I did it from yesterday, alongside with the post on community.
Network Engineer 1.0
  0  
  0  
#16
Options
Re:VPN ikev2 with more than one LANs doesn't work
2021-05-20 05:51:39 - last edited 2021-05-20 06:01:14

@xperiments I don't know what type of internet do you have but in many case I completely remove ISP router and connect firewall directly to internet, maybe you can do the same, then your ER605 receive a wan ip direct without NAT on Internet providers router.

 

many internet routers can also be put in bridge mode if you cannot connect the ER605 directly to the internet.

Check with your internet service provider about how to do this if necessary.

 

 

  0  
  0  
#17
Options
Re:VPN ikev2 with more than one LANs doesn't work-Solution
2021-05-20 08:36:52 - last edited 2021-05-20 08:53:47

@xperiments 

I finally succeeded. I created a 2nd VPN Policy in Building A by setting LAN2 as the remote subnet, ie the LAN of the 2nd floor of Building B (192.168.103.0/24). The 1st VPN Policy has the LAN of the 1st floor of Building B (192.168.102.0/24). Similarly for Building B I created a 2nd VPN Policy by setting Local Networks LAN2. The 1st VPN Policy has LAN1.

Those configurations have done with IKEv1. Also I have to mention that in case of doing on LAN on both building IKEv2 still not working
Thank you very much for your time

Network Engineer 1.0
Recommended Solution
  1  
  1  
#18
Options
Re:VPN ikev2 with more than one LANs doesn't work-Solution
2021-05-25 11:14:53 - last edited 2021-05-27 05:43:10

@xperiments 

Or if you want to use IKEv2, VPN connecion should work like this:

Building A configuration

Building B Configuration

Network Engineer 1.0
Recommended Solution
  0  
  0  
#19
Options