TL-ER6020: PPTP or L2TP client-to-lan can't connect remote network plugged in via lan-to-lan IPSec
Hi everyone,
I've recently got myself a TL-ER6020 for small office use.
I've configured an IPSec connection to a remote network, so I've got this:
192.168.13.0/24 (LAN) <-------- IPSEC ---------> 10.1.1.0/24 (NET1)
TL-ER6020                                        UNKNOWN
From my LAN network I can easily reach the remote NET1 network, with all required hosts accessible.
Next I want to allow some of my employees to access NET1 through the TL-ER6020, so I set it up as a VPN server (L2TP, but I've also tried PPTP with the same result).
I configured the IP pool for L2TP clients as 192.168.13.50-192.168.13.70 (it's not overlapping with DHCP for the LAN, which is set to 192.168.13.100-192.168.13.199).
Everything works fine, I can easily connect to the created VPN server from a mobile client:
192.168.13.50/32 (CLIENT) <-------- L2TP --------> 14.14.14.14 (WAN1)
SMARTPHONE                                         TL-ER6020
With this setup I have full access to LAN hosts, so I can access, for instance, the router setup at 192.168.13.1 (TL-ER6020) from 192.168.13.50 (CLIENT).
My problem is that I can't access NET1 from CLIENT, so this isn't working:
192.168.13.50/32 (CLIENT) <-------- L2TP --------> 14.14.14.14 (WAN1) | 192.168.13.0/24 (LAN) <-------- IPSEC ---------> 10.1.1.0/24 (NET1)
SMARTPHONE                                         TL-ER6020                                                             UNKNOWN
What I want is to be able to access 10.1.1.1 from 192.168.13.50.
I believe this has something to do with the fact that 192.168.13.50 is in the same IP class as the LAN network. I've tried to switch the L2TP IP pool to a different IP class: 192.168.14.0/24 (not NAT). After doing so I was able to access 10.1.1.1, but since it's not NAT'ed I can't access the Internet. If I enable Multi-Nets NAT for 192.168.14.0/24, I have access to the Internet, but I lose connectivity with 10.1.1.0/24.
Does anyone have an idea how to have both on the mobile client: access to the Internet via NAT + access to the IPSec network NET1?