@Exylian 

I am not sure what you mean. If you can provide details, it would be better.

If the remote subnet is not accessible, you can consider pinging the remote gateway to verify if it is a problem with the VPN tunnel or your client. 

 

You can refer to this:

  @Clive_A 

 

Thank you for your reply!

 

I'll attach some Screenshots to be more specific.

 

S2S Setup with two Remote Subnets

  Insight Status is only showing the first Remote Subnet routed
  First Subnet ist Reachable via Ping from my ER605

 

Second Subnet not Reachable

 

 

For testing purpose my Remote Side (Lancom Gateway) is accepting all adresses (0.0.0.0/0)

My local Network is 192.168.40.254 / 28

My ProviderGateway is 192.168.178.254

Remote Networks are 192.168.147.0/24 & 192.168.66.0/24

 

Hope this makes it more clear :)

  @MR.S 

 

Thank you for that guidance. Actually that works but feels weird and wrong.

  @Exylian 

 

YES I agree, I don't really know why that is like this, I see that on Unifi I can choose between router based and policy based VPN, Unifi against Unifi must use Router based, the same with Unifi against Omada, but Unifi against Cisco must use Policy Based, so it seems like there is a default on Omada which is Router Based VPN, I don't know :-)

 

 

 

 

 

 

  @GRL 

 

you don't add interface but ip or network objects , yes you can add supernet, groups with ip. there is a lot more choice than on Omada, but it is also more complicated. you can nat vpn tunnels all the way. so if you have the same ip net on two sites you can use nat in vpn to solve that problem. but i like working with different ip net on different sites. it makes things much easier :-)

 

but with Cisco you can create as many ip groups or port groups as you want, I've never been told that I can't create more groups because now you've used up the 16 you have available. so those aren't the problems I struggle with on Omada