ER605 does not retry VPN connection
ER605 does not retry VPN connection
If the VPN server is not available when the router restarts and then subsequently comes online the ER605 does not seem to attempt to connect to it once it comes online.
This is using a LAN-to-LAN connection, which works fine if the server is available when the router is restarted.
Am I missing a setting or is this a problem with the router?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
I'm going to have make some assumptions here in the absence of useful info, feel free to correct them and maybe we'll get closer to the bottom of this.
I suspect you have 'a 3rd party server' and an ER605 as opposed to a pair of ER605's or even just two TPlink routers trying to talk to each other.
I suspect you don't actually have a static IP at either end and are in fact using DDNS for the server end (you haven't bothered to or cannot do that on the ER605 end).
I suspect when your server 'goes down', it's public IP changes and your DDNS service is slow to detect the IP change and update the DDNS record.
The above would explain what you are seeing.
My recommendation is to make the ER605 end the L2TP client. Stand up the L2TP server at the other end. You should be able to repeatedly bounce the ER605 end and it should always reconnect within ~3min of reset/powerup. If you can prove that to yourself, then you can move on because the trouble is actually at the server end.
- Copy Link
- Report Inappropriate Content
Have a look at this thread:
https://community.tp-link.com/en/business/forum/topic/634228?replyId=1269906
- Copy Link
- Report Inappropriate Content
What VPN type are you using? I use L2TP/IPsec and they always come back up, no matter which end I bounce.
- Copy Link
- Report Inappropriate Content
@d0ugmac1 I'm using PPTP because the ER605 end does not have a static IP address.
When you say bounce, do you mean just briefly disconnect? Have you tried leaving the server offline for an extended period and then seeing whether the ER605 reconnects? Perhaps it gives up after a while. My server was down for about a day and since it went up again about 12 hours ago the ER605 doesn't seem to have retried the connection.
- Copy Link
- Report Inappropriate Content
Everything from a power glitch to a 2 day storm outage and it always comes back up.
- Copy Link
- Report Inappropriate Content
Thanks for posting in our business forum.
Try L2TP instead of PPTP. PPTP is outdated.
Like what the other member wrote, it should reconnect.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
you use L2TP the same way as PPTP, there is no difference except that L2TP is more secure.
but if you use LAN to LAN or Site to Site, I would recommend IPSec site to site VPN, which also works well with dynamic IP. you need to use no-ip or another dynamic dns service to connect by name instead of ip.
- Copy Link
- Report Inappropriate Content
you can find more information about VPN here
- Copy Link
- Report Inappropriate Content
NathanJPhillips wrote
@Clive_A did you see the message saying that the ER605 does not have a static IP address? How would you use L2TP without a static IP address?
? Why does it matter? If you don't have a static IP, how do you use PPTP? What is the difference?
- Copy Link
- Report Inappropriate Content
I'm going to have make some assumptions here in the absence of useful info, feel free to correct them and maybe we'll get closer to the bottom of this.
I suspect you have 'a 3rd party server' and an ER605 as opposed to a pair of ER605's or even just two TPlink routers trying to talk to each other.
I suspect you don't actually have a static IP at either end and are in fact using DDNS for the server end (you haven't bothered to or cannot do that on the ER605 end).
I suspect when your server 'goes down', it's public IP changes and your DDNS service is slow to detect the IP change and update the DDNS record.
The above would explain what you are seeing.
My recommendation is to make the ER605 end the L2TP client. Stand up the L2TP server at the other end. You should be able to repeatedly bounce the ER605 end and it should always reconnect within ~3min of reset/powerup. If you can prove that to yourself, then you can move on because the trouble is actually at the server end.
- Copy Link
- Report Inappropriate Content
@d0ugmac1 Thanks for raising some questions to help me provide more useful background.
The server is a DrayTek Vigor 2925, the client a TP-Link ER605.
The server is at the static IP address 81.2.80.129 and has been for many years, this won't change.
If the server is up the client connects reliably to it but if the connection drops the client does not reconnect until it is rebooted.
The client is behind NAT - I might be able to get someone to make the NAT server forward inbound traffic to the ER605 but I don't know this for sure yet.
As mentioned above I am using PPTP.
We are OK with the level of security provided by PPTP but a totally unencrypted L2TP wouldn't work for our use case.
I believed L2TP with IPSec wouldn't work because the client does not have a static IP address, I can try to use DDNS but because it is behind NAT I am not sure this would work so haven't yet tried. Is it worth trying to get this working?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1799
Replies: 14
Voters 0
No one has voted for it yet.