internnet connectivity is not possible for IPSEC remote connection laptops
Hello,
I am able to establish remote VPN IPSEC Tunnel (client to LAN). Hence, ER605 assigning IP address 10.0.10.2 to remote workstation.
However, internet connectivity from 10.0.10.2 through ER605 is not possible.
Note that networks connected to LAN are able to connect to internet (WAN interface is up and running).
Appreciate the support.
Best Regards.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Lb_Maverick wrote
Thank you for the feedback.
As ER605 does not support IPSEC, will need to go for an alternate solutions.
Thus, ER605 is not a recomended platform, price / feature ratio is HIGH.
Have a great day.
Tedd404 wrote
There is no proxy mode for IPsec. Use a different one.
I think you might misunderstand what Tedd wrote. He means there is no such a function for IPsec. And this is what we have now.
And I am not aware of anything about IPsec VPN as a proxy server. It would usually be used for site-to-site connection. If in client-to-site, it would be access the local resources instead of proxy.
Or you might wanna express that you want to use L2TP over IPsec? That's a thing that exists in this world. Just use the L2TP and use encryption in the server setup. That's it.
If you think it does not fit your use case or scenario, please return it within the return window timely. Be sure to send everything that comes with the package back.
- Copy Link
- Report Inappropriate Content
Hi @Lb_Maverick
Are you trying to set up proxy? With IPsec??
Just say if you can ping the remote subnet, the LAN, the default gateway of the router. The result, screenshot, please.
- Copy Link
- Report Inappropriate Content
Hello,
Yes, setup to have IPSEC server as proxy. That is:
- Remote user establish an IPSEC VPN tunnel to ER605
- Once tunnel is up, remote client to have access to local LAN (192.168.251.0 / 24) & internet access ( Internet traffic from and to remote client to go through IPSEC tunnel, via ER605 WAN interface to internet).
With the current ER605 setup, once IPSEC Tunnel is successfully established, remote client is assigned an IP from IP Pool 10.0.10.0/24:
- Remote client is able to ping LAN 192.168.251.0/24
- Remote client is not able to ping WAN interface (192.168.77.2)
- Remote client is not able to ping 192.168.77.1 (Gateway)
- Remote client has no access to internet (through IPSEC tunnel).
It is worth noting that Local LAN 192.168.251.0/24 LAN can access internet through the WAN port
Below print screen of:
- ER605, System Status, WAN, LAN & IPSEC setup
- Ping, IPCONFIG & Print Route from remote client (With IPSEC tunnel established)
ER605 System Status
WAN Setup
LAN Setup:
VPS Setup
Ping from Remote Client (IPSEC established successfully)
IPCONFIG on Remote Client (IPSEC established successfully)
Route print at Remote Client (IPSEC established successfully)
- Copy Link
- Report Inappropriate Content
There is no proxy mode for IPsec. Use a different one.
- Copy Link
- Report Inappropriate Content
Thank you for the feedback.
As ER605 does not support IPSEC, will need to go for an alternate solutions.
Thus, ER605 is not a recomended platform, price / feature ratio is HIGH.
Have a great day.
Tedd404 wrote
There is no proxy mode for IPsec. Use a different one.
- Copy Link
- Report Inappropriate Content
Lb_Maverick wrote
Thank you for the feedback.
As ER605 does not support IPSEC, will need to go for an alternate solutions.
Thus, ER605 is not a recomended platform, price / feature ratio is HIGH.
Have a great day.
Tedd404 wrote
There is no proxy mode for IPsec. Use a different one.
I think you might misunderstand what Tedd wrote. He means there is no such a function for IPsec. And this is what we have now.
And I am not aware of anything about IPsec VPN as a proxy server. It would usually be used for site-to-site connection. If in client-to-site, it would be access the local resources instead of proxy.
Or you might wanna express that you want to use L2TP over IPsec? That's a thing that exists in this world. Just use the L2TP and use encryption in the server setup. That's it.
If you think it does not fit your use case or scenario, please return it within the return window timely. Be sure to send everything that comes with the package back.
- Copy Link
- Report Inappropriate Content
Hello,
Thank you for your feedback.
Note that we currently have Sophos installed on an Intel NUC where remote clients are able to connect using IPSEC VPN with access to local networks as well as Internet through the WAN interface.
Note that on Sohpos, we used "masquerade" feature under NAT.
The objective as to replace current setup with ER605.
Have a great day.
Best Regards,
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 751
Replies: 6
Voters 0
No one has voted for it yet.