Home

Forums

Stories

Knowledge Base

Business Community > Routers > ER605 site-to-site VPN

< Routers

ER605 site-to-site VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 site-to-site VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

firefox111

2022-09-13 00:14:01

Posts: 98

Helpful: 11

Solutions: 0

Stories: 0

Registered: 2021-08-26

ER605 site-to-site VPN

2022-09-13 00:14:01

Model: ER605 (TL-R605)

Hardware Version:

Firmware Version:

Hello! Can the site-to-site VPN in the ER605 take Dynamic host names? I have DDNS on both sites A and B. Thanks.

Also, will IPSec VPN takes too much bandwidth on both sites? Thanks again.

6 Reply

Virgo

LV5

2022-09-13 12:32:34

Posts: 2588

Helpful: 345

Solutions: 191

Stories: 0

Registered: 2021-05-10

Re:ER605 site-to-site VPN

2022-09-13 12:32:34

@firefox111

Hello! Can the site-to-site VPN in the ER605 take Dynamic host names? I have DDNS on both sites A and B. Thanks.

As far as I know, this device does not support mDNS repeater, so there may be no way to implement this.

As for whether the VPN takes up bandwidth, then I think the answer is yes, the data is going out of the WAN port, it is definitely taking up, as to how much it takes up should depend on the real-time VPN usage, viewing files or videos with a VPN is definitely different.

Just striving to develop myself while helping others.

MR.S

LV5

2022-09-13 13:28:42

Posts: 2083

Helpful: 754

Solutions: 260

Stories: 0

Registered: 2018-08-17

Re:ER605 site-to-site VPN

2022-09-13 13:28:42

@firefox111

I think @Virgo misunderstand your question.

Yes you can use ddns in both site with dynamic ip when do vpn, no problem

vpn takes as much bandwidth as you use, but take it easy, it's not much on an ER605

firefox111

LV2

2022-09-13 17:03:09

Posts: 98

Helpful: 11

Solutions: 0

Stories: 0

Registered: 2021-08-26

Re:ER605 site-to-site VPN

2022-09-13 17:03:09

Okay. I have set up ipsec site-to-site vpn on both ER605. Yes, ddns is accepted! Well, the logs on both sites says they are connected but I cannot ping the remote local IP from my LAN. Do I have to be on the ER605 LAN's IP in order for me to access the remote site's "local" IP? Here's local LAN's: My site: 192.168.5.0/24 Remote site: 192.168.6.0/24 Those are the local IP's I configured in the respective sites. My laptop is connected to a WiFi router. That WiFi router's WAN port is connected to a LAN port of the ER605. My ping to 192.168.6.1 on my laptop gets "Request timed out". My tracert gets the correct hops from the WiFi router to the ER605. However it does not go to through the site-to-site tunnel! Do I need to do something else in the Firewall maybe?

firefox111

LV2

2022-09-13 20:43:00

Posts: 98

Helpful: 11

Solutions: 0

Stories: 0

Registered: 2021-08-26

Re:ER605 site-to-site VPN

2022-09-13 20:43:00

Also, do the Local and Remote network in the ipsec config be different from the LAN IP's of the respective ER605? The LAN in the ER605 in point A is 192.168.5.0/24 so I use that as the Remote network in the ER605 in point B. Correspondingly, the LAN in the ER605 in point B is 192,168.6.0/24 so I use that as the Remote LAN in the ER605 in point A. Is this how it should be done? If it is, then the site-to-site IS NOT working for me, even though the logs says connection was successful!

MR.S

LV5

2022-09-14 05:14:07

Posts: 2083

Helpful: 754

Solutions: 260

Stories: 0

Registered: 2018-08-17

Re:ER605 site-to-site VPN

2022-09-14 05:14:07

@firefox111

do you have any of the sites behind another firewall so you get double NAT? setting up site to site VPN on Tp-Link is quite simple. you can hardly do anything wrong.

make sure the PC is connected directly to the LAN not via another router's WAN and ping the remote site gateway,

firefox111

LV2

2022-09-14 15:18:11 - last edited 2022-09-14 17:11:45

Posts: 98

Helpful: 11

Solutions: 0

Stories: 0

Registered: 2021-08-26

Re:ER605 site-to-site VPN

2022-09-14 15:18:11 - last edited 2022-09-14 17:11:45

Yes, setup was simple. Just fill in the blanks then I took the default in advance settings with site A as responder and site B as initiator. Both logs show "...ipsec connection successfully". Once in a while, they negotiate Phase1 and Phase2 successfully. My laptop is connected directly to the ER605 LAN - BUT I cannot ping the remote ER605's LAN IP address! Not even in the Diagnostic ping in System Tools of the ERf605! Datta Flow is showing correct subnets. In: 192.168.6.1 <-- 192.168.5.1, Out: 192.168.5.1 --> 192.168.6.1.

ER605 site-to-site VPN

ER605 site-to-site VPN

Information

Voters 0

Tags