ER605 - L2TP VPN Client with PSK to a Windows Server

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 - L2TP VPN Client with PSK to a Windows Server

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER605 - L2TP VPN Client with PSK to a Windows Server
ER605 - L2TP VPN Client with PSK to a Windows Server
2023-03-30 08:23:23
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: ER605(UN)_V2_2.1.2

Hi!

I have an ER605 VPN Router in standalone mode and want to use it to connect as a Client to an L2TP VPN Server with a PSK hosted by a Windows Server, with the end goal being connecting devices to the LAN Ports of the ER605 routing all traffic through the VPN.

I have tried to setup the connection myself, but it never seems to actually connect to the VPN Server, even though when for example using a normal Windows client device it works flawlessly. The logs keep repeating these 2 lines over and over:
 

  • WAN: IKE negotiation began in initiator mode. (Mode=Main Mode, Peers=192.168.178.147<->{Redacted Server IPv4})
  • WAN: Phase 1 of IKE negotiation succeeded. (Peers=192.168.178.147<->{Redacted Server IPv4})

 

No errors or anything like that appear after these 2 lines, they just keep repeating again and again.

 

Has anyone tried to setup something similar before and could tell me what I might be doing wrong?

  0      
  0      
#1
Options
3 Reply
Re:ER605 - L2TP VPN Client with PSK to a Windows Server
2023-03-31 06:17:46

  @LeonTheo02 

 

Do you mean the ER605 set as a VPN client and the windows PC set as a VPN server?

It is a weird topology, normally I use it reversely.

 

It seems like even the VPN tunnel doesn't establish.

Check this whether it is the thing that you wanna achieve.

Just striving to develop myself while helping others.
  0  
  0  
#2
Options
Re:ER605 - L2TP VPN Client with PSK to a Windows Server
2023-04-04 15:47:06

Hi,

yes the ER605 should just be the VPN Client and NOT server, as the server already exists at a remote location running Windows Server and its VPN Server Solution.
So what I would need it to do is connect to that existing Windows Server VPN and make every device plugged into the ER605 use the servers IP and Network.

  0  
  0  
#3
Options
Re:ER605 - L2TP VPN Client with PSK to a Windows Server
2023-04-04 18:55:05

  @LeonTheo02 

 

I do this at one of my remote sites.  I have an ER605 as an L2TP client but in 'Routing' mode (which means the route table is adjusted accordingly).  I have one LAN subnet that I've set up to forward all user traffic over the tunnel.  This works fine for me with ER605 at either end.

 

For this to work, both ends of the tunnel need to be aware of the local and remote subnets.  The ER605 can do this...but you'll need to figure out how to emulate this on the Windows server.

 

Steps as I see it:

 

1. Get tunnel up (proper secret etc etc)

2. Get routing working (ie verify hosts can ping each other across the tunnel)

3. Add policy routes to force client side users to use tunnel IP as the next hop

4. For bonus points, you may also need to force DNS resolution to happen via the far end DNS servers

<< Paying it forward, one juicy problem at a time... >>
  0  
  0  
#4
Options