Business Community > Routers > ER7206, Guest SSID to WAN VPN
< Routers

ER7206, Guest SSID to WAN VPN

ER7206, Guest SSID to WAN VPN

ER7206, Guest SSID to WAN VPN
ER7206, Guest SSID to WAN VPN
2024-05-16 20:59:47 - last edited 2024-05-17 01:52:40
Tags: #NAT
Model: ER7206 (TL-ER7206)  
Hardware Version: V1
Firmware Version:

Hi,

 

I know, this may sound odd, but :). I want to set up a Guest SSID, and ONLY for that Wi-Fi network, the upstream (WAN) connection is over VPN (router as a client). For the "stock" SSID, use the standard WAN connection.

 

Clear as mud? Is there a way to do this?

 

Thanks!

  0      
 
  0      
 
#1
Options
2 Accepted Solutions
Re:ER7206, Guest SSID to WAN VPN-Solution
2024-05-17 00:40:44 - last edited 2024-05-17 01:12:15

Hi @arrmo

Thanks for posting in our business forum.

L2TP VPN with Policy Routing. This might need VLAN interface involved but this will require additional settings in the ACL.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
Re:ER7206, Guest SSID to WAN VPN-Solution
2024-06-12 04:03:39 - last edited 2024-06-12 04:05:27

Hi @arrmo 

PBR has been scheduled to V5.16: Wireguard policy routing

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#7
Options
6 Reply
Re:ER7206, Guest SSID to WAN VPN-Solution
2024-05-17 00:40:44 - last edited 2024-05-17 01:12:15

Hi @arrmo

Thanks for posting in our business forum.

L2TP VPN with Policy Routing. This might need VLAN interface involved but this will require additional settings in the ACL.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
Re:ER7206, Guest SSID to WAN VPN
2024-05-17 00:46:08

  @Clive_A Thanks! Let me do some digging. I admit (and I should have said this, sorry!), wanting to use WireGuard on the uplink (for that one SSID).

 

  1  
  1  
#3
Options
Re:ER7206, Guest SSID to WAN VPN
2024-05-22 16:35:51 - last edited 2024-05-22 16:36:16

@Clive_A  OK, it may just be me, but struggling a bit to add a (Omada) client to server VPN ... site-to-site I think this is? I don't see WireGuard there (sadly), but I do see OpenVPN ... but even then, not sufficient settings to get the connection up?

 

Perhaps just me, but need that VPN first. And - do I need it on a second WAN interface, or can I have two IP's on a single WAN interface, and Policy Route to them?

 

Thanks!

  0  
  0  
#4
Options
Re:ER7206, Guest SSID to WAN VPN
2024-05-23 00:45:39

Hi @arrmo 

Thanks for posting in our business forum.

arrmo wrote

@Clive_A  OK, it may just be me, but struggling a bit to add a (Omada) client to server VPN ... site-to-site I think this is? I don't see WireGuard there (sadly), but I do see OpenVPN ... but even then, not sufficient settings to get the connection up?

 

Perhaps just me, but need that VPN first. And - do I need it on a second WAN interface, or can I have two IP's on a single WAN interface, and Policy Route to them?

 

Thanks!

Update your firmware. WireGuard is available on the ER7206.

Wireguard and OVPN tunnels do not support PBR yet.

 

The last sentence does not make sense to me. You don't need a second WAN. One WAN can suffice multiple VPNs.

If you have multiple NATs, you need to use the One-to-One NAT and it is mainly for port forwarding purposes as you need to mirror local service to multiple IPs.

It does not work for the VPN servers.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#5
Options
Re:ER7206, Guest SSID to WAN VPN
2024-05-23 00:47:59 - last edited 2024-05-23 00:48:25

  @Clive_A Thanks for the pointers - I was digging in parallel, and figured it out. I do have WireGuard, but like you note - not for Client-to-Site yet :(. Any idea if / when that's coming? WireGuard speed is just so much better than OpenVPN.

 

Thanks again!

 

FYI, a very helpful link: https://paulhiggs.github.io/tp-link-vpn/

  0  
  0  
#6
Options
Re:ER7206, Guest SSID to WAN VPN-Solution
2024-06-12 04:03:39 - last edited 2024-06-12 04:05:27

Hi @arrmo 

PBR has been scheduled to V5.16: Wireguard policy routing

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#7
Options

Information

Helpful: 0

Views: 468

Replies: 6

Tags

NAT
Related Articles
Open wan ports TL-ER7206
938 0
How can i quit a vpn user on my ER7206?
323 0
ER7206 change WAN/LAN port to a WAN port
270 0
ER7206 WAN throughput via SNMP
967 0
ER7206 OpenVPN
736 0
 Guest Network on ER7206
1036 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.