ER707-M2 VPN IPSec Internet access

ER707-M2 VPN IPSec Internet access

ER707-M2 VPN IPSec Internet access
ER707-M2 VPN IPSec Internet access
2024-09-06 11:22:20 - last edited 2024-09-09 01:54:28
Tags: #VPN
Model: ER707-M2  
Hardware Version: V1
Firmware Version: 1.1.0 Build 20230609

Hi,

 

I have an ER707-M2 router and I set-up a VPN server.

The VPN server type is IKEv2.

I'm configuring an iOS device (iPad) with an Always-On VPN profile to connect to this router.

Then problem is that, when using Always-On and routing all traffic through VPN tunnel (including internet), the client is loosing Internet access.

I already tried to add static routes but no luck.

Is anyone who configured this type of VPN and can help me with some guidance?

Thank you.

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:ER707-M2 VPN IPSec Internet access-Solution
2024-09-09 01:54:24 - last edited 2024-09-09 01:54:28

Hi @accexpert 

Thanks for posting in our business forum.

accexpert wrote

  @AlexSimbun 

Thank you for your response.

Already updated the router to the latest version.

When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.

The IPsec VPN is not capable of the full tunnel.

IPsec was initially created for the client/site-to-site connection.

If you need to use the full tunnel, proxy for the Internet, consider other types of VPN. WG, OVPN and L2TP.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  2  
  2  
#5
Options
5 Reply
Re:ER707-M2 VPN IPSec Internet access
2024-09-07 07:26:38

  @accexpert 

 

I think there's new firmware for that. Try to update your unit first. Maybe it solves your issue.

 

 

Alex Kota Kinabalu, Sabah Malaysia
  0  
  0  
#2
Options
Re:ER707-M2 VPN IPSec Internet access
2024-09-07 12:38:32

  @AlexSimbun 

Thank you for your response.

Already updated the router to the latest version.

When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.

  0  
  0  
#3
Options
Re:ER707-M2 VPN IPSec Internet access
2024-09-08 12:54:32

  @accexpert 

 

Hi. Maybe you can share your config so that easy for us  to understand. 😊

Alex Kota Kinabalu, Sabah Malaysia
  0  
  0  
#4
Options
Re:ER707-M2 VPN IPSec Internet access-Solution
2024-09-09 01:54:24 - last edited 2024-09-09 01:54:28

Hi @accexpert 

Thanks for posting in our business forum.

accexpert wrote

  @AlexSimbun 

Thank you for your response.

Already updated the router to the latest version.

When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.

The IPsec VPN is not capable of the full tunnel.

IPsec was initially created for the client/site-to-site connection.

If you need to use the full tunnel, proxy for the Internet, consider other types of VPN. WG, OVPN and L2TP.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  2  
  2  
#5
Options
Re:ER707-M2 VPN IPSec Internet access
2024-09-09 02:55:15 - last edited 2024-09-09 02:55:38

  @Clive_A  Thank you for your response.

Unfortunately, Apple devices only accepts IKEv2 VPN server for Always-On connection so I cannot use other VPN types.

In that case, my only option is to use a separate hardware device which supports full tunnel to handle VPN traffic for my use case.

Thank you.

 

Regards,

 

  0  
  0  
#6
Options