ER605 disconnected since months but reachable via VPN
ER605 disconnected since months but reachable via VPN
Hi,
since months I have a remote ER605 that appears as disconnected in the Omada interface.
Also if appearing as disconnected, I can reach the device using the VPN setup in Omada.
I cannot go onsite because it is located in another country, but the only action that i could take was to ask a person to access the site and restart the ER605 and the router from the provider.
After the restart, the VPN connection was reestablished as normal, but the ER605 continues to be disconnected.
Can someone help, please?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Clive_A,
the VPN is using DDNS. So there is no problem with the VPN.
Now that I have been able to connect (also if with that workaround) to the remote router, I am finally able to see logs but I cannot find anything useful.
What I suspect is that when I first adopted the router I used a dynamic IP hostname that for some reason has not been updated anymore or some similar issue.
So what I did now, I changed the port redirection from linux in site B to point to the ports on my local PC in site A where I am running the Discovery Utility (for some reason I could not run it from site B).
socat -T15 udp4-recvfrom:29810,reuseaddr,fork udp:192.168.0.17:29810
socat tcp-listen:29814,reuseaddr,fork tcp:192.168.0.17:29814
It worked perfectly and I have been able to re-adopt the router on site B using the address configured in DDNS.
I have then removed any port redirections in linux, reboot all the devices (just for testing) and the remote router is now connected.
- Copy Link
- Report Inappropriate Content
Can you provide a more detailed description, such as a diagram of the network topology you are using? Under the same topology, you were able to implement device adoption before, right?
Have you confirmed that the Controller and the device to be adopted can access the Internet normally?
Maybe this link will help you:
- Copy Link
- Report Inappropriate Content
did you have any luck with the discovery utility? or setting up the DHCP option as a backup way to force the devices to reconnect? since your vpn tunnel is still up and running, I think that might be helpful in fixing this.
- Copy Link
- Report Inappropriate Content
Hi @Md-Ripon3
The diagram is simple and shown below.
This has been working for at least a couple of years without any issue.
TBH all started after a few days from the upgrade of the router to 1.3.0.
The connection to internet is working perfectly on both sites.
From the location A I can reach any device on location B, including the ER605 (that of course shows just the screen that it is managed by Omada.
I also successfully connected via ssh but it seems to not be so useful.
From location B I can reach any device on location A.
I tried to restart all the devices on both sides and the VPN is reestablished without problems but the ER605 continues to appear as disconnected on location B.
I also tried to configure option 138 on the DHCP (I tried with the internal address and external one but nothing happens. Not sure if I am using/configuring it correctly.
NAT on location A is configured to redirect the ports used by Omada to the controller.
Note that all the TP-link devices are upgraded to the latest versions
Thank you for your help
- Copy Link
- Report Inappropriate Content
Hi @Tedd404
please see my previous post of a few minutes ago.
As explained there, I tried to configure the option 138 on DHCP. I tried with both the internal and external addresses. But nothing happens.
I am not sure if because of the fact that the ER605 is disconnected, the DHCP changes are not applied to the remote router.
Thank you
- Copy Link
- Report Inappropriate Content
Birillo wrote
Hi @Tedd404
please see my previous post of a few minutes ago.
As explained there, I tried to configure the option 138 on DHCP. I tried with both the internal and external addresses. But nothing happens.
I am not sure if because of the fact that the ER605 is disconnected, the DHCP changes are not applied to the remote router.
Thank you
how often does it repeat? like certain period of time?
what kind of vpn do you use?
this happened after the first day you updated to 1.3.0?
dhcp option 138 at site b should be filled with the public wan IP of the site a. did you do this correctly?
again, did you find any WAN down in the log? does any of the side experience an offline from the internet? you see the log? the disconnection of the er605 and the internet disconnection happen simultaneously?
- Copy Link
- Report Inappropriate Content
@Tedd404
this is constantly disconnected since 10th July.
It happened a few days after the upgrade.
I created the VPN in Omada using L2TP and Network Extension Mode follwing recommendations fron tp-link support. This worked very well in my case instead of the ipsec site2site.
I put the wan address of site A in the site B DHCP configuration. But not sure if it has any effect considering that the ER605 in site B is disconnected from the controller.
The VPN is constantly active and internet in both sites is stable. I have no disconnections.
I should get notifications from site B if it drops.
Logs are not helping.
Nothing from site B.
- Copy Link
- Report Inappropriate Content
Hi @Birillo
Thanks for posting in our business forum.
This might be a problem with the system. But I cannot say sure now. IPsec is recommended for a reason. L2TP might not work well for this.
What if you try to roll back the firmware, will this issue persist?
- Copy Link
- Report Inappropriate Content
Hi @Clive_A
The reason why I went for the L2TP option is that originally site B did not have a public IP.
This has changed a couple of years ago, but I did not see a valid reason to switch to ipsec since the VPN ws working great.
In which way ipsec could help with my situation?
BTW I cannot reconfigure the VPN until when the router reconnect to the controller ...I assume!
I also cannot downgrade the ER605 since it is currently located in another country with nobody onsite. The only think I can do is connect via VPN.
- Copy Link
- Report Inappropriate Content
Hi @Birillo
Thanks for posting in our business forum.
Birillo wrote
Hi @Clive_A
The reason why I went for the L2TP option is that originally site B did not have a public IP.
This has changed a couple of years ago, but I did not see a valid reason to switch to ipsec since the VPN ws working great.
In which way ipsec could help with my situation?
BTW I cannot reconfigure the VPN until when the router reconnect to the controller ...I assume!
I also cannot downgrade the ER605 since it is currently located in another country with nobody onsite. The only think I can do is connect via VPN.
I set up a network like yours in my lab for a test and will see the result.
What's the interval that you experience this? 1 day? Or, the repeated interval time, is there a pattern to that?
- Copy Link
- Report Inappropriate Content
Hi @Clive_A
thanks a lot for your help!
The device is in this status since July!
It never reconnected to the controller ....except for the VPN that continue working as usual.
FYI ssh is enabled on the ER605 ..but for what I saw there is no useful command that could help.
I can reach the web interface ..but it says that it is managed by Omada.
In the same network I can reach a small linux device (arm64). I tried to run there the Discovery utility but without any luck.
I tried different JRE distribution and JavaFX libraries but I have not been able to successfully run the utility. It crashes as soon it starts.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1962
Replies: 19
Voters 0
No one has voted for it yet.