Home Network Community > All Threads > Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?
< All Threads

Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?

Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?

Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?
Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?
Yesterday - last edited 21 hours ago
Tags: #VPN
Model: Deco BE65-5G  
Hardware Version: V1
Firmware Version: 1.0.5 build 20240904 Rel 22287

Hi

 

I bought a router DECO BE65-5G for a remote site behind a CGNAT IP, typical setup nowadays for a 5G connection

 

on the central site I run a TP LINK MR600  with public IP and DDNS and  with OPENVPN server enabled, how can I connect the client from the DECO BE65 to the MR600 server and enable site-to site connectivity, ie remote and central subnets can talk to eah others thru the VPN  as shown by the blue arrows in the drawing below ? 

 

 

Note that I can connect from a PC or IPhone to the central site MR600 Server through OPENVPN, it works pretty well I can reach all devices on the central site LAN from my Iphone

 

feasible with OPENVPN ?

 then what do I miss ?

 

or any other type of VPN that could be used  ? 

 

 PPTP  ?

 

L2TP/IPSEC ? 

 

thanks

 

Damien

  1      
 
  1      
 
#1
Options
2 Reply
Re:Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?
Yesterday

  @t0urista 

Hi, It is said that Deco BE65-55G supports a VPN server/Client.

I think you can try to set Deco BE65-5G as an OpenVPN client to connect to Archer MR600.

How to set up OpenVPN Client on Deco APP

Wait for your reply and best regards.

 

Deco BE65/85/95 New Firmware Versions Ready for TestDeco M5 Newly Introduced Advanced Parental Control FeaturesMeet Us at CES 2025!KidShield Now Open for Trial! Try to leave a Message if urgent help is required.
  0  
  0  
#2
Options
Re:Deco BE65-5G behind CGNAT as a client VPN for site-2-site connectivity ?
22 hours ago - last edited 20 hours ago

  @t0urista 

 

I tried this setup, strictly following the process, it does not work....

 

the OPENVPN tunnel can be established, as shown on both the DECO (remote site, client) and the Archer MR600 (central site, server) , I can even see that the DECO received the tunnel IP address 10.8.0.3  

 

  1. However no communication at all between both routers, I cannot ping the tunnel endpoint IP 10.8.0.3 from a PC on the  central site subnet with ip=  192.168.0.100.
    BTW, when my IPHONE is used as an OPENPN client, It also receives a tunnel client  IP from the range 10.8.0.x, BUT this one can be pinged from the same PC 192.168.0.100 from the central site, so there is definitely something wrong with the DECO OPENVPN client which is the only difference in both setup.
  2. but then even if tunnel IP addresses can be pinged, there is no route in the central site ARCHER routing table towards the remote site LAN subnet  196.168.68.0/24 that i want to reach from the central site (see table below) so the remote and local subnets will not be able to talk to each others !!!
  3. As shown in the last screenshot, I also tried a static route to the remote subnet 196.168.68.0/24  within the central router, but it did not change anything so I disabled it 

 

What else can I do ?

 

Txs

 

 

  

 

  0  
  0  
#3
Options

Information

Helpful: 1

Views: 60

Replies: 2

Tags

VPN
Related Articles
Deco BE65-5G Ethernet wan?
258 0
Which Satellite to add to Deco BE65-5G
409 0
Band selec BE65-5G
250 1
Deco BE65-5G
2737 1
Deco BE65-5G wifi phone calls
477 1
Static Route on BE65-5G
437 2
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.