VPN connection between MR200 (private IP) and Fritz 6490 (public IP via DynDNS)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

VPN connection between MR200 (private IP) and Fritz 6490 (public IP via DynDNS)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
VPN connection between MR200 (private IP) and Fritz 6490 (public IP via DynDNS)
VPN connection between MR200 (private IP) and Fritz 6490 (public IP via DynDNS)
2017-08-02 00:51:28
Model :

Hardware Version :

Firmware Version :

ISP :

Hi,

I hope there are some true VPN cracks around here?
I am trying to connect my TPLink Archer MR200 (which unfortunately gets a private IP address from my spanish 4G provider) with my Fritz 6490 at home.
After hours of research and trial/error this is what I came up with... but have not been able to get the status ever changing from "down" to anything different...

TPLink side:

router internal IP: 192.168.179.1
router external IP: as said... a private one, thus dyndns isn't possible.

I created the following entry in Network > IPSec VPN:
ConnectionName: BerlinLaPalma
Remote Gateway: XXX.myfritz.net (the dyndns address of the fritz router)thi
Tunnel Access from local IP addresses: Subnet Address
Local Address: 192.168.179.0, Mask: 255.255.255.0
Remote Address: 192.168.178.0, Mask: 255.255.255.0
Key Exchange Method: Auto
Authentication Method: Pre-Shared Key
Pre-Shared Key: YYY (obviously the key I am using is a little longer (;-))
Perfect Forward Secrecy: Enable
Phase 1 Mode: Aggressive
Local Identifier Type: FQDN
Local Identifier: www.dummy.com (as said, I have a private IP, thus I was thinking using a dummy URL instead)
Remote Identifier Type: FQDN
Remote IDentifier: XXX.myfritz.net
The remaining entries are all with default values:
Encryption Algorithm: 3DES, Integrity Algorithm: MD5, Diffie-Hellmann Group: 1024 bit, Key Life Time: 3600,...


On the Fritz Side
Router IP is 192.168.178.1
I imported the following config file:

vpncfg {
connections {
enabled = yes;
conn_type = conntype_lan;
name = "BerlinLaPalma";
always_renew = no;
reject_not_encrypted = no;
dont_filter_netbios = no;
localip = 0.0.0.0;
local_virtualip = 0.0.0.0;
remoteip = 0.0.0.0;
remote_virtualip = 0.0.0.0;
remotehostname = "";
localid {
fqdn = "XXX.myfritz.net";
}
remoteid {
fqdn = "www.dummy.com";
}
mode = phase1_mode_aggressive;
phase1ss = "all/all/all";
keytype = connkeytype_pre_shared;
key = "YYY";
cert_do_server_auth = no;
use_nat_t = yes;
use_xauth = no;
use_cfgmode = no;
phase2localid {
ipnet {
ipaddr = 192.168.178.0;
mask = 255.255.255.0;
}
}
phase2remoteid {
ipnet {
ipaddr = 192.168.179.0;
mask = 255.255.255.0;
}
}
phase2ss = "esp-all-all/ah-none/comp-all/pfs";
accesslist = "permit ip any 192.168.179.0 255.255.255.0";
}
ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
"udp 0.0.0.0:4500 0.0.0.0:4500";
}


// EOF


Anyone having any idea what I am doing wrong?
  0      
  0      
#1
Options
1 Reply
Re:VPN connection between MR200 (private IP) and Fritz 6490 (public IP via DynDNS)
2017-08-02 09:10:20
Not really good at VPN. But as I know, there is some trouble on MR200 V1 with VPN passthrough, you can try to contact TP-Link tech support to get the beta firmware which fix the VPN Passthrough problem if you haven't done that.
  0  
  0  
#2
Options