Business Community > Gateways > ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
< Gateways

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)

ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
23 hours ago
Tags: #WireGuard
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: ER605(UN)_V2.20_2.3.3 Build 20251029

Hi there,

 

I am posting this back out there to get some status on this issue.  I used the same name from the only issue that I could find on the subject that hasn't been updated since 10/2024

 

When setting up a peer for Wireguard on the router directly (no Omada controller), you are only able to provide 1 CIDR for the "Allowed Ips" to send up the tunnel  

 

This is a real problem, as I have multiple networks that needed to be accessed from the peer connection.  The exact scenario for a site to site connection is described in the TP-Link community post (linked below), but I can't implement on the standalone ER605.  Please advise.  

 

https://community.tp-link.com/en/business/forum/topic/620506

  0      
 
  0      
 
#1
Options
5 Reply
Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
22 hours ago - last edited 21 hours ago

  @Unclebiscuits79 

 

I don't know if it will help but there is a slightly newer guide here.  I also don't know if using a different subnet mask might work, for example if all the networks are in the 192.168.x.x range, then the allowed IPs would be 192.168.0.0 and the CIDR would be /16.

 

1x ER7406 1x OC300 4x SG2008 1x EAP610 3x EAP650-Desktop 1x EAP772-Outdoor
  0  
  0  
#2
Options
Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
21 hours ago

  @jra11500 

 

Can you point to how I add multiple subnets to the "Allowed IP" for the peer in the standalone mode.

 

I don't see that.  That is the issue.  

  0  
  0  
#3
Options
Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
21 hours ago - last edited 21 hours ago

  @Unclebiscuits79 

 

I just updated my last post.  After briefly researching the issue, it appears the single subnet limitation has been discussed on the forum several times.  Until a future firmware update resolves the issue when in standalone mode, the only solution is to use a controller.

 

1x ER7406 1x OC300 4x SG2008 1x EAP610 3x EAP650-Desktop 1x EAP772-Outdoor
  0  
  0  
#4
Options
Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
18 hours ago

  @jra11500 

 

Thanks for your help.  Yep, the issue that I saw was from 10/2024 so I figured I would ask to see if there was some workaround to make this work correctly.

 

I find it unreasonable to have to purchase/use two separate devices to do one thing (Wireguard) correctly.

 

Do all ER models have this problem, or just the ER605?

  0  
  0  
#5
Options
Re:ER605 v2 Wireguard Peers Allowed IPs standalone (repost)
7 hours ago

Hi  @Unclebiscuits79 

ER605 does not support this feature in standalone mode currently, but the following three models support multi-subnets for allowed-ip in Wireguard VPN in standalone with the pre-release firmware.

https://community.tp-link.com/en/business/forum/topic/857562
https://community.tp-link.com/en/business/forum/topic/857568
https://community.tp-link.com/en/business/forum/topic/857570

 

ER605 would support this with the following firmware update, you may try to use the free software Controller as a work-around at the moment.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#6
Options

Information

Helpful: 0

Views: 82

Replies: 5

Tags

WireGuard
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.