ER605 v1 : openvpn and ikev2 home connection issues

ER605 v1 : openvpn and ikev2 home connection issues

ER605 v1 : openvpn and ikev2 home connection issues
ER605 v1 : openvpn and ikev2 home connection issues
2024-07-05 20:02:02 - last edited 2024-07-08 04:04:35
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.3.1 Build 20231207 Rel.61384

Hi all,

 

I have difficulties to access to my local network from my PC+iphone+android tablet(Xiaomi Pad6) with only one vpn solution, be it openvpn or ikev2 protocol.

 

With openvpn :

- from the PC : I manage to connect to my local network, and access to my local equipment (e.g. my Synology NAS, through the DS FIle application).

- from the iPhone or the android tablet: I manage to connect to my local network, and get a local IP address, BUT can't connect to my local equipment (including the Synology NAS, through DS File application). Globally I don't understand why I'm connected to the local network (and I can see it from the ER605 v1 interface, which I use in standalone mode), but I can't access to my local equipment.

 

With  ikev2 protocol :

- from the iPhone : I could setup the vpn connection, I can connect to my local network with my iPhone, and access to my local equipment including the Synology NAS. No problem.

- from the android tablet: impossible to setup properly the connection. I use the IKev2/IPSec PSK option, define the server address as my public IP address, the IPSec identifier as chosen in the ER605 vpn connection definition menu, and the pre-shared key as well. However, when I attempt a connection from the tablet, I'm warned that the connection is not secured, and then the connection attempt stops and says it failed.

- from the PC : I can't use the pre-shared key solution proposed by ER605v1 router. The only solutions proposed by Windows 11 for ikev2 are chip, user/password, certificate or one-time password, and none is available with ER605v1.

 

So my issues are:

1 - I don't understand why the openvpn connection works without issue with the PC, and not the iPhone and tablet,

2 - I don't understand why the ikev2 connection works with the iPhone, and not with the android tablet (for the PC with Windows 11, I just think that ER605v1 does not provide appropriate options).

 

If you have any suggestion to solve my problems, many thanks by advance !

 

Best regards,

 

Benjamin 

  0      
  0      
#1
Options
5 Reply
Re:ER605 v1 : openvpn and ikev2 home connection issues
2024-07-08 03:13:18

Hi @Ben-91 

Thanks for posting in our business forum.

First, this was posted on the wrong page. I have moved it to the router page. Please make sure you post the threads on the correct pages.

 

Provide the ping results from the iPhone or the tablets when you are connected to the VPN tunnels.

Ping the default gateway of the router. The LAN IP. I mean.

 

Second issue, refer to this and configure it:

How to Configure IPsec IKEv2 VPN for Android 13/14 or iPhone

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:ER605 v1 : openvpn and ikev2 home connection issues
2024-07-08 20:33:44 - last edited 2024-07-08 20:34:43

  @Clive_A  Hi Clive,

 

first of all, thanks to have moved my post to the appropriate page - sorry for the mistake !

 

For Openvpn connexion :

 

- on both iPhone and tablet : once connection confirmed by the app, when I ping the gateway (I used its LAN address 192.168.0.1), all packets are lost, and each attempt leads to a request time-out. Note: I noticed that the server public IP mentioned by Openvpn app. installed on either iPhone or android tablet is an IPV6 type address.

 

- on PC (using Windows 11), once connection confirmed by the app, all the ping attemps towards the gateway 192.168.0.1 LAN address are successful. I noticed that the server public IP mentioned by the Openvpn app. installed on Windows 11 is an IPV4 type address (and in fact, my home public IP). 

 

So at this stage, apparently while the Openvpn confirms connection to my home from my iPhone or tablet, I can't reach the local address of my router, and when doing the same from my PC, it works. And with iPhone or tablet the server public address is suprisingly an IPV6 address which I don't know, while on the PC which allows me reaching my gateway with its local address, I see my public IPV4 address as public server IP. Of course, 

 

Any advice with these results ? note : I didn't configure any IPV6 network on my router, and if its not necessary (it seems not with the PC), it's fine for me.

 

For the second issue with ikev2 : thanks for the link / I tried it, and:

- for the iPhone: it did not allow me to connect to my home. And when using instead this guide, then it works without issue.

- for the android tablet: it didn't solve my problem. The tablet keeps saying "unsecured connection", and then does not connect.

- for the PC : as mentioned previously, I can't establish an ikev2 connection with a preshared key, and I might be mistaken, but it seems it's impossible: do you confirm ?

 

Again, thank you very much for your help and your time - I hope we will find a solution.

 

Best regards,

 

Benji

  1  
  1  
#3
Options
Re:ER605 v1 : openvpn and ikev2 home connection issues
2024-07-09 00:58:11

Hi @Ben-91 

Thanks for posting in our business forum.

Ben-91 wrote

  @Clive_A  Hi Clive,

 

first of all, thanks to have moved my post to the appropriate page - sorry for the mistake !

 

For Openvpn connexion :

 

- on both iPhone and tablet : once connection confirmed by the app, when I ping the gateway (I used its LAN address 192.168.0.1), all packets are lost, and each attempt leads to a request time-out. Note: I noticed that the server public IP mentioned by Openvpn app. installed on either iPhone or android tablet is an IPV6 type address.

 

- on PC (using Windows 11), once connection confirmed by the app, all the ping attemps towards the gateway 192.168.0.1 LAN address are successful. I noticed that the server public IP mentioned by the Openvpn app. installed on Windows 11 is an IPV4 type address (and in fact, my home public IP). 

 

So at this stage, apparently while the Openvpn confirms connection to my home from my iPhone or tablet, I can't reach the local address of my router, and when doing the same from my PC, it works. And with iPhone or tablet the server public address is suprisingly an IPV6 address which I don't know, while on the PC which allows me reaching my gateway with its local address, I see my public IPV4 address as public server IP. Of course, 

 

Any advice with these results ? note : I didn't configure any IPV6 network on my router, and if its not necessary (it seems not with the PC), it's fine for me.

 

For the second issue with ikev2 : thanks for the link / I tried it, and:

- for the iPhone: it did not allow me to connect to my home. And when using instead this guide, then it works without issue.

- for the android tablet: it didn't solve my problem. The tablet keeps saying "unsecured connection", and then does not connect.

- for the PC : as mentioned previously, I can't establish an ikev2 connection with a preshared key, and I might be mistaken, but it seems it's impossible: do you confirm ?

 

Again, thank you very much for your help and your time - I hope we will find a solution.

 

Best regards,

 

Benji

Use IPv4.

Wireguard and OVPN lack support for v6. The request for v6 is aware and I am still collecting the feedback to determine if this is a high-priority request. As for now, it is not scheduled.

If you use the exported file from the Omada router, it should be v6. Not sure why you are seeing v6 address.

 

For the IPsec, I believe it is an issue with your device. I require the screenshots of your config so I can review it in case you missed some important steps or misconfigured it.

For the IPsec on Windows, we don't have a guide for that. L2TP over IPsec, we do. I think the IPsec on Windows requires third-party software instead of the built-in IPsec that Windows has. It does not work that well.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#4
Options
Re:ER605 v1 : openvpn and ikev2 home connection issues
2024-07-09 05:33:59

  @Clive_A hi Clive, thanks for your help. For openvpn I solved my problem with the correction recommended for last updates of openvpn client app in this page : https://community.tp-link.com/en/business/forum/topic/653224

 

For ikev2, I will send you a tablet snapshot asap. For the PC, I will look for a dedicated app - if you have a suggestion, it is welcome.

Thanks again,

Benji

 

  0  
  0  
#5
Options
Re:ER605 v1 : openvpn and ikev2 home connection issues
2024-07-11 20:09:46

 @Clive_A  Hi Clive,

 

So I made a screenshot on the vpn ikev2 connexion on my tablet, but I fear it won't be instructive, as very few information is in it.

And for windows 11, I didn't find a vpn client for windows 11 that would allow me connecting to my home.

So I think I will stop now my investigations, except if you identifiy something to do/correct for the ikev2 connexion on the tablet: indeed, I recovered possibility to use openvpn on the 3 devices (iPhone, android tablet, PC) without any issue now, thanks to the correction on the compression parameter.

 

Thanks !

 

Ben

 

  0  
  0  
#6
Options