ER605 v2.0 IPSec/ IKEv2 Client-to-Site VPN not working on Android
After recently upgrading to the latest version of Android, I have now been forced to use IPSec IKEv2.
I've tried setting this up via the Omada controller with an ER605 in accordance with this help page: https://www.tp-link.com/uk/support/faq/3447/ - however, the connection does not function when I enter Remote ID type.
Instead, I've tried keeping both Local and Remote ID types to "IP address" - and the VPN successfully connects, however I cannot access either local resources or internet resources via the VPN.
So I can connect to the ER605 via the VPN, the Omada log shows a successful connection, my Android device shows "connected" with the VPN local IP address assigned as below - but I cannot access any websites or resources when connected.
Has this happened to anyone else? Or could TP Link support help with this please?
My configuration is currently:
Omada:
Client-to-site VPN
VPN Server - IPSec
Remote Host - 0.0.0.0
Local Networks: VLAN40 (this has subnet 192.168.40.0)
Pre-Shared Key: [Password]
WAN: WAN
IP Pool: 192.168.40.10/32 (i.e. the VPN device always has 192.168.40.10 as its IP address).
Key Exchange: IKEv2
Proposal: Default
Negotiation Mode: Responder
Local ID Type: IP Address
Remote ID Type: IP Address
SA Lifetime: Default
DPD & Interval: Default
All Phase-2 settings: Default
Android Device
Type: IKEv2/ IPSec PSK
Server address: WAN address of ER605
IPSec identifier: WAN address of ER605 (note: the VPN does not connect if this is blank, but does connect when it is filled in, even without ID types set in Omada)
Pre-Shared Key: [Password]