ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
2023-11-08 18:22:18 - last edited 2023-11-09 02:16:30
Tags: #VPN
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version: 1.3.0 Build 20230322 Rel.70951

Background:

I simplified the network topology.

 

WORK (site - the network I'm trying to reach) - public address xxx.xxx.xxx.53

 

Router ER7206 standalone 192.168.20.1
AP EAP620HD standalone 192.168.20.234

 

HOME (client) - public address xxx.xxx.xxx.138

 

Router TP-Link AXE75
PC Windows 10

 

Following the guide from the FAQ.

 

These are my settings on ER7206, PC, and iPhone.

 

LAN

 

LAN

DHCP of LAN

DHCP of LAN

VPN IP Pool list

VPN IP Pool list

Users

L2TP Server Settings

Logs in ER7206 shows success status connection from my PC (client)

Success on Windows 10 VPN Settings page.

output on ipconfig in CMD on the VPN with IP Address from L2TP connection

ICMP ping success from EAP620HD behind ER7206 (both in standalone mode)

But it fails to load or open on the web page like local connection.

Scan for ports on iPhone. No ports are opened on the VPN. Meaning I cannot open https://192.168.20.234 in VPN.

 

Question: How do I access EAP620HD standalone management page from ER7206 VPN (L2TP)? Am I missing something from the the FAQ?

  0      
  0      
#1
Options
1 Accepted Solution
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping-Solution
2023-11-09 02:16:07 - last edited 2023-11-09 02:16:30

Hi @YuukiA 

Thanks for posting in our business forum.

Enable the L3 accessibility then you should be able to access the EAP. By default, they are not accessible via a VPN tunneled device.

 

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
5 Reply
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping-Solution
2023-11-09 02:16:07 - last edited 2023-11-09 02:16:30

Hi @YuukiA 

Thanks for posting in our business forum.

Enable the L3 accessibility then you should be able to access the EAP. By default, they are not accessible via a VPN tunneled device.

 

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
2023-11-09 03:25:03 - last edited 2023-11-09 04:27:11

Update EDIT: I tried again after enabling Layer-3 Accessibility on 6 of my EAP620HD. It still doesn't respond by opening the web page on https://192.168.20.234:443.

Config

Results

 

Do I need a L2+ managed switch for this?

  @Clive_A Thank you for the fast reply. I'll get on my work and enable it on my EAP.

  0  
  0  
#3
Options
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
2023-11-09 07:20:54

Hi @YuukiA 

Thanks for posting in our business forum.

No. Absolutely not necessary. This should be the fix. When the EAP is working in the VPN scenario, it does not launch the page until you turn on the L3 accessibility.

Simply put the IP address. Don't put HTTPS and port number.

Try again.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#4
Options
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
2023-11-09 08:14:27

  @Clive_A I've enabled L3-Layer Web management on all the EAPs. None of them work. Scanning for open ports on those IP addresses did not reveal anything. Could it be a bug on Router or EAP? I've tried it on Windows, MacOS, iOS. Nothing is opening the web page.

 

Could the engineers check if the web management of EAP620HD works on L3?

  0  
  0  
#5
Options
Re:ER7206 L2TP tunnel EAP standalone fails to open browser but it responds to ICMP ping
2023-11-09 14:48:20

@Clive_A  Would it change anything if I use OpenVPN instead of L2TP? If Layer 3 web server is enabled, it should work with OpenVPN as well, right?

  0  
  0  
#6
Options