Routing problem with ER6120 to ER604W VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Routing problem with ER6120 to ER604W VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Routing problem with ER6120 to ER604W VPN
Routing problem with ER6120 to ER604W VPN
2015-04-23 02:05:48 - last edited 2021-08-21 04:46:47
Region : Italy

Model : TL-ER6120

Hardware Version : V1

Firmware Version : 1.0.7 Build 20140113 Rel.63736

ISP : TELECOM ITALIA


HI all,
I'm facing a serious routing problem in my network infrastructure and definitely need some useful advice from this community.
I need to connect two premises of my client's company in order to allow PC's in Site A to access Application Servers in Site B.
Site A has a 10 Mbps fiber connection to the Internet and Site B has a 4 Mbps SHDSL copper connection to the Internet.
I installed a ER604W VPN router in Site A and a ER6120 VPN Router in Site B.
I configured an IPSec LAN-to-LAN VPN between the 2 VPN routers and it started working flawlessly.
LAN Subnet in Site A is 192.168.110.0/24 and LAN Subnet in Site B is 192.168.9.0/24.
The VPN uses WAN1 port in both routers.
Furthermore, the Application Servers are in Site B in the other subnet 210.208.250.0/24 (please do not ask me why !!!)
It's an old heritage from a former net admin and I cannot fix it at short since they are running critical applications. Not interruptable now. Maybe during next summer.
Therefore, in Site B I connected the WAN2 port of the ER6120 to the 210.208.250.0 Subnet in order to let the 6120 perform routing between WAN1 (the VPN interface) and WAN2 (the Application Servers Subnet).

The VPN works perfectly. From any of the clients in Site A (192.168.110.0) I can ping any other computer in Site B (192.168.9.0) and vice-versa.
Furthermore, from any of the computers in SITE B LAN (192.168.9.0) I can successfully ping any Application Servers in subnet 210.208.250.0 and vice-versa.
Unfortunately, all the pings between SITE A (192.168.110.0) and Application Servers in subnet 210.208.250.0 are lost along the route. No connection at all.

It seems that the 6120 does not allow the routing of packets along the path: LAN A --> 604/WAN1 --> 6120/WAN1 --> 6120/WAN2 --> SUBNET B

The following drawing tries to clarify the network:


INTERNET INTERNET
| |
SITE B | | SITE A
| WAN1 WAN1 |
6120 <-----------------------------LAN-to-LAN VPN ------------------------------------> 604
WAN2 | | |
| | LAN | LAN
| 192.168.9.1 192.168.110.0 ||
|
210.208.250.0


Any help will be greatly appreciated.

Thank a lot in advance,
Radix
  0      
  0      
#1
Options