Hello,

i am trying to configure two ER605.

one as L2pT server on site with real static IPv4

one as L2PT client on site without real IPv4 (probably behind ISP NAT and etc; there is no upstream modem. WAN connection is PPPoE).

 

Both under same Omada Software Controller but in different controller Sites.

 

remote (client) ER605 and devices are using "inform controller ip" feature to connect to omada controller behind primary ER605.

==

 

options for auto/manual ipsec with site-to-site L2PT are not possible because of not real ip address on remote site.

 

I have working L2PT server on primary ER605 with user i am using to connect remotely.

I created second VPN user under same server to use as credentials in remote ER605 client-to-site l2pt policy.

I tried VPN user as Network extension and regular client.

i tried remote policy as NAT and routing . I think routing should be correct one in my case ?

 

While i see on both sites VPN connection from controller "Insights -> VPN status"

i cannot make it to route traffic.

on remote site i see L2PT policy as static route next hop interface but on primary site i cannot configure any routing policy because i do not see connected client.

probably i am missing something but i have no idea what to check or what to try.

 

=======

 

My target is to have access to devices behind remote ER605 when i am connected to primary ER605.

When physically behind remote  #R605 it will be nice to be able to access devices behind primary ER605

basically two way LAN access while everything not local => WAN as usual.

 

on primary site i have network 192.168.2.1/24 as my LAN and L2PT server pool

on remote site LAN network is 192.168.102.1/24.

when L2PT is connected i can see on remote site routing line 192.168.2.X to interface "l2pt client"

when L2PT client is connected i see on master site routing line 192.168.2.x to interface ppp(1,2,3,n)