Home

Forums

Stories

Knowledge Base

Business Community > Gateways > ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

< Gateways

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

Unclebiscuits79

2 weeks ago - last edited Yesterday

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2025-11-16

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

2 weeks ago - last edited Yesterday

Tags: #WireGuard

Model: ER605 (TL-R605)

Hardware Version: V2

Firmware Version: ER605(UN)_V2.20_2.3.3 Build 20251029

Hi there,

I am posting this back out there to get some status on this issue. I used the same name from the only issue that I could find on the subject that hasn't been updated since 10/2024

When setting up a peer for Wireguard on the router directly (no Omada controller), you are only able to provide 1 CIDR for the "Allowed Ips" to send up the tunnel

This is a real problem, as I have multiple networks that needed to be accessed from the peer connection. The exact scenario for a site to site connection is described in the TP-Link community post (linked below), but I can't implement on the standalone ER605. Please advise.

https://community.tp-link.com/en/business/forum/topic/620506

1 Accepted Solution

Hank21

2 weeks ago - last edited Yesterday

Posts: 3991

Helpful: 783

Solutions: 556

Stories: 8

Registered: 2021-12-13

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)-Solution

2 weeks ago - last edited Yesterday

Hi @Unclebiscuits79

ER605 does not support this feature in standalone mode currently, but the following three models support multi-subnets for allowed-ip in Wireguard VPN in standalone with the pre-release firmware.

https://community.tp-link.com/en/business/forum/topic/857562
https://community.tp-link.com/en/business/forum/topic/857568
https://community.tp-link.com/en/business/forum/topic/857570

ER605 would support this with the following firmware update, you may try to use the free software Controller as a work-around at the moment.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*

Recommended Solution

5 Reply

jra11500

LV4

2 weeks ago - last edited 2 weeks ago

Posts: 578

Helpful: 204

Solutions: 45

Stories: 2

Registered: 2022-12-20

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

2 weeks ago - last edited 2 weeks ago

@Unclebiscuits79

I don't know if it will help but there is a slightly newer guide here. I also don't know if using a different subnet mask might work, for example if all the networks are in the 192.168.x.x range, then the allowed IPs would be 192.168.0.0 and the CIDR would be /16.

1x ER7406 1x OC300 4x SG2008 1x EAP610 3x EAP650-Desktop 1x EAP772-Outdoor

Unclebiscuits79

LV1

2 weeks ago

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2025-11-16

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

2 weeks ago

@jra11500

Can you point to how I add multiple subnets to the "Allowed IP" for the peer in the standalone mode.

I don't see that. That is the issue.

jra11500

LV4

2 weeks ago - last edited 2 weeks ago

Posts: 578

Helpful: 204

Solutions: 45

Stories: 2

Registered: 2022-12-20

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

2 weeks ago - last edited 2 weeks ago

@Unclebiscuits79

I just updated my last post. After briefly researching the issue, it appears the single subnet limitation has been discussed on the forum several times. Until a future firmware update resolves the issue when in standalone mode, the only solution is to use a controller.

1x ER7406 1x OC300 4x SG2008 1x EAP610 3x EAP650-Desktop 1x EAP772-Outdoor

Unclebiscuits79

LV1

2 weeks ago

Posts: 4

Helpful: 0

Solutions: 0

Stories: 0

Registered: 2025-11-16

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

2 weeks ago

@jra11500

Thanks for your help. Yep, the issue that I saw was from 10/2024 so I figured I would ask to see if there was some workaround to make this work correctly.

I find it unreasonable to have to purchase/use two separate devices to do one thing (Wireguard) correctly.

Do all ER models have this problem, or just the ER605?

Hank21

2 weeks ago - last edited Yesterday

Posts: 3991

Helpful: 783

Solutions: 556

Stories: 8

Registered: 2021-12-13

Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)-Solution

2 weeks ago - last edited Yesterday

Hi @Unclebiscuits79

ER605 does not support this feature in standalone mode currently, but the following three models support multi-subnets for allowed-ip in Wireguard VPN in standalone with the pre-release firmware.

https://community.tp-link.com/en/business/forum/topic/857562
https://community.tp-link.com/en/business/forum/topic/857568
https://community.tp-link.com/en/business/forum/topic/857570

ER605 would support this with the following firmware update, you may try to use the free software Controller as a work-around at the moment.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

Information

Voters 0

Tags