Business Community > Routers > R605 site-to-site routing to LAN
< Routers

R605 site-to-site routing to LAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

R605 site-to-site routing to LAN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
R605 site-to-site routing to LAN
R605 site-to-site routing to LAN
2021-11-07 18:31:22
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.1.1

First off, finding straight forward documentation on this is a bit of a challenge. 

The issue I am having is I can ping the LAN port IP of the other R605 when site-to-site VPN is connected but not beyond that port (other machines on the remote LAN).

 

The setup I'm currently trying to get working  before setting up the actual deployment is as follows;

- R605_A WAN (192.168.2.39) directly connected to R605_B WAN (192.168.2.40) port

- Both R605 have their own Omada controller

- R605_A LAN is 10.10.10.1/24

- R605_B LAN is 172.16.36.2/24

 

-VPN is IPSEC site-to-site manual configuration (there will be NAT requirements on final deployment)

- Remote gateway is the opposite r605 WAN IP

- Remote Subnet is the LAN port ip of the opposite r605 (10.10.10.1/24 and 172.16.36.2/24)

  0      
 
  0      
 
#1
Options
5 Reply
Re:R605 site-to-site routing to LAN
2021-11-08 09:28:15

@NorthernMike 

 

This FAQ on the tplink website has the similar issues to what you are talking about and can be used as a reference:https://www.tp-link.com/en/support/faq/3044/

Just striving to develop myself while helping others.
  0  
  0  
#2
Options
Re:R605 site-to-site routing to LAN
2021-11-08 11:38:15

@Virgo 

Unfortunately this is a site to site over IPSEC using R605 on both sides. 

In this simple setup, network A is 10.10.10.0/24, WAN is 192.189.2.0/24 and network B is 172.16.36.0/24. 

 

The client on network A is a Linux computer (RPI400) with only the normal iptables.

 

This is the second setback I've run into with these R605 acting like it does not want to route traffic  out the LAN port. I've added a static route with no success. 

  0  
  0  
#3
Options
Re:R605 site-to-site routing to LAN
2021-11-09 06:19:05

@NorthernMike 

 

I supposed you still need to check the VPN status to make sure that the IPSec SA tunnel is established successfully?
Is the configuration of IPsec the same on both ends? (some settings)

Just striving to develop myself while helping others.
  0  
  0  
#4
Options
Re:R605 site-to-site routing to LAN
2021-11-09 11:14:30

@Virgo 

The connections shows as being established under the "Insight" tab on both controllers. 

All settings are the same except the ip address section. I'll toss up screenshots of both a bit later when time permits.

 

 

  0  
  0  
#5
Options
Re:R605 site-to-site routing to LAN
2021-11-10 01:07:25

@Virgo 

I managed to get traffic through from network B to network A but not from A to B which is what I need.

Network A is going to be the remote site and network B has all the servers

All settings on both r605 routers are the same other than IPs. 

  0  
  0  
#6
Options

Information

Helpful: 0

Views: 714

Replies: 5

Related Articles
ER605 site-to-site and client-to-site
359 0
ER605 Site to Site
170 0
OpenVPN and Site to Site Connection
673 0
OpenVPN Site-to-Site with DDNS
152 0
 Internal LAN VPN Routing (Site-to-Site)
1146 0
Site to Site VPN issue
546 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.