TL-ER6120 site-to-site VPN doesn't route outgoing traffic?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

2015-11-30 23:28:06 - last edited 2021-08-21 04:58:10
Model :

Hardware Version : Not Clear

Firmware Version :

ISP :

There have been a number of threads dancing around this issue without arriving at a definitive solution. I've bench tested a number of VPN routers (mostly Cisco) with "LAN-to-LAN" or "site2site" IPsec tunnels with each other and the ER-6120 is the only router that doesn't seem to route outgoing traffic. In fact, not at all!

From the local LAN of other routers I am able to ping the local LANs of other routers including the ER-6120. But from the ER-6120's local LAN is a different story. I can't ping a thing outside its own subnet. I've tried everything I can think of including restoring factory settings and starting over. I've even set its firewall Access Rules to allow all services to both LAN and WAN -- nothing.

Setting up a Site-to-Site IPsec tunnel with an ER-6120 isn't a problem (though the "responder" option seems to be missing). But despite whatever I try, traffic from behind an ER-6120 is a one-way street, incoming but not outgoing. Even pinging from the ER-6120's Diagnostics web UI only returns "Destination host cannot be reached." To me, that points to a routing issue. Yet an entry appears in the routing table for every IPsec tunnel created. But it doesn't allow static routes to be added to the same destination, which forgoes that workaround attempt.

So I am at a complete loss. Unless I am missing something simple or some hidden workaround, I find it hard to believe that a major bug such as this -- a VPN router that can't site2site -- has never been resolved -- in years! And they still sell this thing? WTF? Logic dictates it's something I've missed, a hidden quirk. But what?

Can anyone shed some light on this?
#1
1 Reply
Re:TL-ER6120 site-to-site VPN doesn't route outgoing traffic?
2015-12-24 17:10:53 - last edited 2021-08-21 04:58:10
Why are you so sure that it is the ER6120's fault? From your description, I think there may be some factors on the Cisco side that block the traffic from the ER6120.

Firstly, just think about it again: the ping data from the Cisco LAN can reach the ER6120's LAN side, which means the traffic from Cisco to ER6120 is OK; but the ping data from the ER6120's LAN cannot reach the Cisco's LAN side, which means the traffic from ER6120 to Cisco is broken. Isn't there more chance that there is something wrong with Cisco's router?

Secondly, if you suspect the data from the ER6120's LAN side had not passed the ER6120's WAN, why not do a simple test? Using the Port Mirror function, set the WAN port as the mirrored port and designate a LAN port as the mirroring port, connect a PC to the mirroring port running Wireshark or other packet capture software, and ping the Cisco's LAN IP from the PC's CMD line. From the packets you captured from the WAN port, you can see if there is data going out from the LAN side. But please keep in mind, all the packets will be encrypted, but you can check the change of the IP address.

Lastly, please do not do the ping test in the Diagnostics in the web UI; I think it may be designed for general data traffic but not the data through the VPN tunnel.

I have never encountered such a problem, and I mean no offense, but from your description, I read deep prejudice. Yes, TP-Link is not as outstanding as Cisco now, but we should discuss the problem fairly.
Hope you can solve your problem soon.
#2
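The port-mirror check suggested in reply #2 can be turned into a repeatable test. The following is an added example, not part of either post: it labels raw IPv4 packets captured on the mirrored WAN port by outer header only (the payload is encrypted) and reports whether tunnel traffic actually leaves. The function names, the verdict strings and the addresses (documentation ranges) are assumptions made for the illustration.

```python
import ipaddress
import struct
from collections import Counter

ESP, UDP = 50, 17

def ipv4(src, dst, proto, payload=b""):
    """Build a minimal IPv4 packet (constructed sample data, checksum 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, ipaddress.ip_address(src).packed,
                       ipaddress.ip_address(dst).packed) + payload

def classify(pkt, wan_ip, peer_ip, remote_lan):
    """Label one IPv4 packet captured on the mirrored WAN port."""
    ihl = (pkt[0] & 0x0F) * 4
    proto = pkt[9]
    src, dst = (str(ipaddress.ip_address(pkt[i:i + 4])) for i in (12, 16))
    has_ports = proto == UDP and len(pkt) >= ihl + 4
    ports = struct.unpack("!HH", pkt[ihl:ihl + 4]) if has_ports else ()
    if 500 in ports:
        return "ike"
    # ESP is IP protocol 50, or UDP/4500 when NAT traversal is in use.
    # Simplification: IKE messages on UDP/4500 are counted as tunnel traffic.
    if proto == ESP or 4500 in ports:
        if (src, dst) == (wan_ip, peer_ip):
            return "esp-out"
        if (src, dst) == (peer_ip, wan_ip):
            return "esp-in"
    if ipaddress.ip_address(dst) in ipaddress.ip_network(remote_lan):
        return "cleartext-to-remote-lan"
    return "other"

def verdict(packets, wan_ip, peer_ip, remote_lan):
    """Summarise a capture taken while pinging the remote LAN."""
    seen = Counter(classify(p, wan_ip, peer_ip, remote_lan) for p in packets)
    if seen["esp-out"] and seen["esp-in"]:
        return "tunnel traffic in both directions"
    if seen["esp-out"]:
        return "ESP leaves the WAN, nothing comes back from the peer"
    if seen["cleartext-to-remote-lan"]:
        return "pings leave the WAN unencrypted; the IPsec policy is not matching"
    return "no tunnel traffic leaves the WAN"

# Constructed capture: documentation addresses, not values from the thread.
WAN, PEER, REMOTE_LAN = "198.51.100.2", "203.0.113.9", "192.168.20.0/24"
sample = [ipv4(WAN, PEER, UDP, struct.pack("!HHHH", 500, 500, 8, 0)),
          ipv4(WAN, PEER, ESP, b"\x00\x00\x10\x01" + b"\x00" * 32),
          ipv4(WAN, PEER, ESP, b"\x00\x00\x10\x01" + b"\x00" * 32)]
print(verdict(sample, WAN, PEER, REMOTE_LAN))
```

To use it on a real capture, feed it the IPv4 packets (link-layer header stripped) exported from the mirrored port while the ping is running.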