ER707-M2 VPN IPSec Internet access
Hi,
I have an ER707-M2 router and I set-up a VPN server.
The VPN server type is IKEv2.
I'm configuring an iOS device (iPad) with an Always-On VPN profile to connect to this router.
Then problem is that, when using Always-On and routing all traffic through VPN tunnel (including internet), the client is loosing Internet access.
I already tried to add static routes but no luck.
Is anyone who configured this type of VPN and can help me with some guidance?
Thank you.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @accexpert
Thanks for posting in our business forum.
accexpert wrote
Thank you for your response.
Already updated the router to the latest version.
When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.
The IPsec VPN is not capable of the full tunnel.
IPsec was initially created for the client/site-to-site connection.
If you need to use the full tunnel, proxy for the Internet, consider other types of VPN. WG, OVPN and L2TP.
- Copy Link
- Report Inappropriate Content
I think there's new firmware for that. Try to update your unit first. Maybe it solves your issue.
- Copy Link
- Report Inappropriate Content
Thank you for your response.
Already updated the router to the latest version.
When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi @accexpert
Thanks for posting in our business forum.
accexpert wrote
Thank you for your response.
Already updated the router to the latest version.
When a client with full tunneling is connected to the router (e.g. iOS device with Always On option set) the local router network is fully accessible however, the internet is not working. The requests are not routed from vpn to the wan interface.
The IPsec VPN is not capable of the full tunnel.
IPsec was initially created for the client/site-to-site connection.
If you need to use the full tunnel, proxy for the Internet, consider other types of VPN. WG, OVPN and L2TP.
- Copy Link
- Report Inappropriate Content
@Clive_A Thank you for your response.
Unfortunately, Apple devices only accepts IKEv2 VPN server for Always-On connection so I cannot use other VPN types.
In that case, my only option is to use a separate hardware device which supports full tunnel to handle VPN traffic for my use case.
Thank you.
Regards,
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 404
Replies: 5
Voters 0
No one has voted for it yet.