ER605 V2 Wireguard Allow Address for a whole /24

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER605 V2 Wireguard Allow Address for a whole /24

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER605 V2 Wireguard Allow Address for a whole /24
ER605 V2 Wireguard Allow Address for a whole /24
2023-11-01 18:17:04
Tags: #VPN
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.2

When configuring Wireguard, If I set the /24 prefix in the Allow Address field (in my case 10.66.66.0/24) I cannot ping other devices in the VPN network - which the Omada gateway is just a client, NOT the server. And, if I change the Allowed Address to 0.0.0.0/0 now it kinda works: The devices connected on the ER605 V2 can reach every device in the VPN network, BUT, all the gateway traffic is tunneled to the VPN as set by the Allowed Address, which is expected, but that is NOT what want: Just the 10.66.66.0/24 traffic is supposed to go thru it (which WONT work when configured accordingly as explained). Can TP-Link help us out here? Thanks!

  0      
  0      
#1
Options
1 Reply
Re:ER605 V2 Wireguard Allow Address for a whole /24
2023-11-02 01:25:32

Hi @Tavisco 

Thanks for posting in our business forum.

Try the beta:

Early Access ER605 V2_2.1.5 Build 20231024 Beta Firmware for Omada Controller V5.11 (Released on Oct 26th, 2023)

 

14. Fix the bug that after the device connects to the Server as a WireGuard VPN Client, the peer cannot access the device via WireGuard Interface IP.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options