Sematix wrote

Hi,

 

I had some troubles establishing an L2TP/IPSec tunnel between two TL-R600VPN v4 when I saw on your support website a new firmware which says :

 

"Fix bugs that it cannot establish L2TP over IPsec VPN connection when NAT exists;"

 

I thought it was the solution. I have made a firmware update on both VPN routers but still the same problem : L2TP OK when no IPSec but when I enable the IPSec policies it doesn't work anymore despite correct IPSec SAs in the SA list.

 

Any other report of that problem with the latest firware ? (TL-R600VPN(UN)_v4_20180530)

 

Regards,

 

Sebastien

 

Hi,

What does your network look like?

R600VPN--NAT===Internet===NAT2---R600VPN2? Is that?

Did you open the correct port for the R600VPN IPSec? Like UDP500 and 4500?

Hi Panda,

Yes, there is a NAT on each side (my provider VDSL2 BOX) and a DMZ pointing to the each TL-R600VPN WAN interface. I also configured virtual servers in the VPN routers to point to the WAN IP as I read it in the TP-Link VPN configuration document received by the support team (ports 500, 1701, 4500). I don't understand anyway why I had to do this because the WAN IP is in the DMZ so why should I configure these servers ? All the public traffic is routed directly to the WAN IP... The fact remains that with the virtual severs I get an IPSec tunnel and without not, but when established that tunnel does not work.

Regards,

Sebastien