LAN client to Remote Subnet server Routing by way of VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

LAN client to Remote Subnet server Routing by way of VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
LAN client to Remote Subnet server Routing by way of VPN
LAN client to Remote Subnet server Routing by way of VPN
2024-02-09 00:50:51 - last edited 2024-02-18 01:32:44
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.3.1

Not specific to this router from what I can tell.

 

I cannot seem to make a port forward (WAN->LAN) work for an IP at the far end of an L2TP/IPsec tunnel at all.  I cannot use a reverse proxy on my NAS to reach an IP at the end of that tunnel either, unless I add a static route on the NAS to that IP by way of the tunnel endpoint (which can change if the tunnel bounces, and so is not a reliable approach).

 

Ideally the default gateway for the VLAN, would be smart enough to know about the remote subnet, and forward any packet destined for it via the tunnel, but this is not the case.  I believe that is why the port-forwarding across the TPlink router also does not work.

 

To illustrate, public IP (router) LAN subnet (tunnel) remote subnet

 

50.50.50.50 (ER605) 10.10.10.0/24 (L2TP VPN) 20.20.20.0/24

 

I cannot forward 50.50.50.50:80 to 20.20.20.20:80

 

If I run a reverse proxy on 10.10.10.10, then I CAN proxy 50.50.50.50:443 to 10.10.10.100:443 (by forwarding first to 10.10.10.10 and then proxying to 10.10.10.100) but I cannot proxy 50.50.50.50:8080 via 10.10.10.10 to 20.20.20.20:80.  If my VPN tunnel is configured to use 30.30.30.0/24, then the initial local tunnel endpoint IP is usually 30.30.30.1.  If I add a static route on 10.10.10.10, saying the route 20.20.20.0/24 is via 30.30.30.1 then my previously configured proxy to 20.20.20.20:80 starts working.  Problem is if the remote end reboots for whatever reason, I often see the tunnel endpoint change to 30.30.30.2 etc.

 

Do I need a feature request, or am I just being stupid?  Is there a better way?

 

 

<< Paying it forward, one juicy problem at a time... >>
  0      
  0      
#1
Options
2 Accepted Solutions
Re:LAN client to Remote Subnet server Routing by way of VPN-Solution
2024-02-11 12:39:43 - last edited 2024-02-18 01:32:44

  @d0ugmac1 

 It does not work ever since the birth of omada series.

ScReW yOu gUyS. I aM GOinG hoMe. —————————————————————— For heaven's sake, can you write and describe your issue based on plain fact, common logic and a methodologic approach? Appreciate it.
Recommended Solution
  2  
  2  
#2
Options
Re:LAN client to Remote Subnet server Routing by way of VPN-Solution
2024-02-18 01:34:04 - last edited 2024-02-18 01:34:46

Hi @d0ugmac1

Thank you for your feedback and post. We have forwarded your request to our developer team for evaluation.
To stay updated on firmware releases, we recommend subscribing to the pinned thread on the related page or regularly checking our official website where new releases are typically announced promptly. Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Please note that all requests undergo a thorough evaluation by our developer team before being added to the roadmap. This process may take some time, so please be patient if you don't see immediate results. Features with lower priority or fewer user reports might experience delays in implementation as we gather more feedback and compare it with competitor products.
It is important to understand that submitting a request does not guarantee its implementation; only requests that pass the evaluation will be considered for inclusion in future updates.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#3
Options
2 Reply
Re:LAN client to Remote Subnet server Routing by way of VPN-Solution
2024-02-11 12:39:43 - last edited 2024-02-18 01:32:44

  @d0ugmac1 

 It does not work ever since the birth of omada series.

ScReW yOu gUyS. I aM GOinG hoMe. —————————————————————— For heaven's sake, can you write and describe your issue based on plain fact, common logic and a methodologic approach? Appreciate it.
Recommended Solution
  2  
  2  
#2
Options
Re:LAN client to Remote Subnet server Routing by way of VPN-Solution
2024-02-18 01:34:04 - last edited 2024-02-18 01:34:46

Hi @d0ugmac1

Thank you for your feedback and post. We have forwarded your request to our developer team for evaluation.
To stay updated on firmware releases, we recommend subscribing to the pinned thread on the related page or regularly checking our official website where new releases are typically announced promptly. Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Please note that all requests undergo a thorough evaluation by our developer team before being added to the roadmap. This process may take some time, so please be patient if you don't see immediate results. Features with lower priority or fewer user reports might experience delays in implementation as we gather more feedback and compare it with competitor products.
It is important to understand that submitting a request does not guarantee its implementation; only requests that pass the evaluation will be considered for inclusion in future updates.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#3
Options