Hi @mrwassen 

Thanks for posting in our business forum.

If your IP is 192.168.10.0/24, you want to browse the ER605 admin page, use the ER605 WAN IP, 192.168.10.254, and make sure you have enabled Remote Management.

If SSH and from 192.168.10.0/24, you should SSH the IP address 192.168.10.254.

Thanks both for the suggestions. The good news is that I now can access the router from the 192.168.10.xxx network and open an SSH session.

The potentially bad news is that after getting access to the command line, I was unable to find any CLI commands that allow me to manage the configured VPN's. My last hope is that there are some undocumented commands - if not, it seems I will not be able to get to my goal which was to manage the VPN's using scripting :-(.

If such VPN related commands are not available on this particular device, could somebody suggest a different device? (there are still 28 days left in the Amazon return window :-))

Any help appreciated.

Hi @mrwassen 

Thanks for posting in our business forum.

mrwassen wrote

The potentially bad news is that after getting access to the command line, I was unable to find any CLI commands that allow me to manage the configured VPN's. My last hope is that there are some undocumented commands - if not, it seems I will not be able to get to my goal which was to manage the VPN's using scripting :-(.

CLI guide: https://static.tp-link.com/upload/manual/2023/202307/20230725/1910013378_ER605(UN)2.0_CLI.pdf 

If there are no lines mentioning the VPN type you use, or enable/disable it, then we don't provide that line. 

mrwassen wrote

If such VPN related commands are not available on this particular device, could somebody suggest a different device? (there are still 28 days left in the Amazon return window :-))

 

Any help appreciated.

You may take a look at the open source software like pfSense. Or other pre-build brands like UBNT or Mikrotik. They seem to fully support all configs in command-line mode. Try them out before you make the final choice.

Thanks again. I ended up implementing a laughably low-tech solution. I will keep the ER605 in place as the VPN client, then insert a $10 ethernet switching device allowing the streaming device switch between the regular network switch or the VPN router (in order to "switch countries"). 

On a related note though, I had one more question (also with reference to the diagram in my initial post):

Is there any way to allow resources on the 192.168.10.xxx network to access devices on the 192.168.11.xxx network, e.g. RDP sessions. (The opposite direction seems to work fine).

I have experimented with setting up static routes on the Verizon router, but am not able to get it to work. Is there a firewall on ER605 I can disable or open a port on?

Thanks for the suggestion. Is it correct that "Virtual Server" in reality is what is known as port forwarding on consumer grade routers? If so this is helpful to some extent, but I was hoping for a way to get more complete access.

So without specifying the target IP on the 192.168.11.xxx network, I would like to simply access any client on the .11 network from the .10 without having to setup individual entries. I was thinking this could be achieved using a (static) routing entry of some sort, but I may be wrong?

Thanks

Dennis