ER8411 OpenVPN/SSL VPN Issue
About OpenVPN/SSL VPN issue.
Today is 6 months since I reported the VPN error, it still hasn't been fixed. Do you have any more information about what's going on? Is there anyone working on this?
Do you know if the ER707-M2 has the same VPN bug?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
it seems that my problem has been solved, I have now run against my own Openvpn server from pivpn for a few weeks without problems with UDP, the speed is good, probably only limited by the server running on an old PC. no drops or other problems on the VPN connection.
The OpenVPN server is not installed in compatibility mode as I had to do before, i.e. version older than 2.4
The problem now is TCP, it's terribly slow. 30-40 Mbps at most, I hope Tp-Link can look into this too :-)
I am now using this firmware on my ER8411, 1.2.2 Build 20240809 Rel.48592
- Copy Link
- Report Inappropriate Content
Hello @shberge,
The issue has been reported to our R&D team for further investigation last week. At this time, I'm informed that the fix of the ER8411 OpenVPN/SSL VPN Issue might be a bit delayed as they need to hurry up to finish the on-going large and important project first. And it will take some time to fix the issue due to the fact that the underlying logic of ER8411 is different from other router models, the fix will be more complicated. But please be assured that they will try the best to work out the problem. We appreciate your understanding and patience in this matter.
As for the ER707-M2, I haven't received any feedback about the VPN on it yet, will keep an eye on this. You are welcome to tag me or @Hank21 for further follow-up if you notice one.
- Copy Link
- Report Inappropriate Content
What is the status of the VPN problems? now it's almost 8 months since I first reported this, do you have any updated information?
I am now on
Firmware Version:
1.0.4 Build 20230606 Rel.72432
Controller Version
5.11.8
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I am having the same OpenVPN Issues. would be great to get a fast update here.
Especially because the ER8411 is really the most expensive router of TP-Link (regarding performance and price).
- Copy Link
- Report Inappropriate Content
And I assume this issue still has not been fixed or resolved or even reported as a known issue in the release notes.
- Copy Link
- Report Inappropriate Content
there is a beta available since beginning of this year somewhere in the forum, which fixed this issue, although with quite poor performance.
- Copy Link
- Report Inappropriate Content
I haven't seen anything in the release note about this either, either it was fixed by mistake or they don't want to talk much about it.
But latest update works with UDP, I don't know how stable it is, latest beta version disconnected openvpn without reconnecting after a while.
I haven't tested SSL since the last beta, it worked but destroyed the IPsec site to site VPN, ping worked and everything looked ok but when I tried to start a remote desktop or a web application in the IPsec s2s tunnel, nothing happened. to get IPsec working again I had to delete all SSL configuration and restart the router, exactly as when I bought the router on the end of 2022.
Now I have given up openvpn Client on the ER8411 and route all this traffic via a Unifi router which works absolutely fantastic for Wireguard and OpenVPN.
TP-Link still works best with IPsec site to site VPN.
OpenVPN and wireguard for remote access to my network run on two Raspberry PI 5 together with unifi and omda controller and some other stuff.
you can try the latest firmware and test give feedback in this thread
EDIT:
I did a test here and unfortunately ER8411 as OpenVPN client disconnects the tunnel after a while. it appears as active but is not. if I deactivate the OpenVPN tunnel and activate it again, it works for a while before it disconnects or cuts the traffic, so back to Unifi, the next test will be when there is new firmware for the ER8411.
for the record I can mention that the ER707-M2 and ER706W do NOT have this problem.
- Copy Link
- Report Inappropriate Content
Hi @MR.S
Thanks for posting in our business forum.
MR.S wrote
I haven't seen anything in the release note about this either, either it was fixed by mistake or they don't want to talk much about it.
But latest update works with UDP, I don't know how stable it is, latest beta version disconnected openvpn without reconnecting after a while.
I haven't tested SSL since the last beta, it worked but destroyed the IPsec site to site VPN, ping worked and everything looked ok but when I tried to start a remote desktop or a web application in the IPsec s2s tunnel, nothing happened. to get IPsec working again I had to delete all SSL configuration and restart the router, exactly as when I bought the router on the end of 2022.
Now I have given up openvpn Client on the ER8411 and route all this traffic via a Unifi router which works absolutely fantastic for Wireguard and OpenVPN.
TP-Link still works best with IPsec site to site VPN.
OpenVPN and wireguard for remote access to my network run on two Raspberry PI 5 together with unifi and omda controller and some other stuff.
you can try the latest firmware and test give feedback in this thread
EDIT:
I did a test here and unfortunately ER8411 as OpenVPN client disconnects the tunnel after a while. it appears as active but is not. if I deactivate the OpenVPN tunnel and activate it again, it works for a while before it disconnects or cuts the traffic, so back to Unifi, the next test will be when there is new firmware for the ER8411.
for the record I can mention that the ER707-M2 and ER706W do NOT have this problem.
Have you tried to add keepalive in the exported .OVPN? Will it help? I recall I answered this before and result seems to be positive.
The previously provided beta to you and Matthias did not work at all? I recall you and he reported the performance was much better.
- Copy Link
- Report Inappropriate Content
i can give it a try, added keepalive 10 120 and reimported.
previously provided beta or none of the versions have worked as they should so far, that is, there is a small improvement, UDP at least connects now but loses communication after a while.
I have not tested SSL with the latest version, but the beta version destroys the IPsec traffic as mentioned above. as it has done all along. ping works normally, but if I try to start remote desktop or a web application, for example, nothing happens, if something happens, it's very slow,
disabling ssl doesn't help i actually have to delete everything configured in ssl and reboot the router to get it working again
- Copy Link
- Report Inappropriate Content
Hi @MR.S
Thanks for posting in our business forum.
MR.S wrote
i can give it a try, added keepalive 10 120 and reimported.
previously provided beta or none of the versions have worked as they should so far, that is, there is a small improvement, UDP at least connects now but loses communication after a while.
I have not tested SSL with the latest version, but the beta version destroys the IPsec traffic as mentioned above. as it has done all along. ping works normally, but if I try to start remote desktop or a web application, for example, nothing happens, if something happens, it's very slow,
disabling ssl doesn't help i actually have to delete everything configured in ssl and reboot the router to get it working again
Summarize this now:
1. OpenVPN will disconnect after a while.
2. Performance is not expected. Like what you reported: https://community.tp-link.com/en/business/forum/topic/596196?replyId=1296198
Persists till now? 20Mbps or so? What is your upload and download speed? ISP plan.
3. IPsec and SSL would not work at the same time.
Do I understand you correctly?
Let me ask you this about the last one, did you bring up #3 in the past when you contacted us about OpenVPN? I recall I have met this and the dev told me they didn't reproduce this. It was because your network with too many VPN tunnels.
Do you reproduce this in two routers without too many variables?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 2733
Replies: 45
Voters 0
No one has voted for it yet.