Business Community > Routers > TP-R600VPN IPSec working but Local LANs can't talk
< Routers

TP-R600VPN IPSec working but Local LANs can't talk

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TP-R600VPN IPSec working but Local LANs can't talk

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TP-R600VPN IPSec working but Local LANs can't talk
TP-R600VPN IPSec working but Local LANs can't talk
2016-12-30 10:15:36 - last edited 2021-04-19 11:34:31
Model :

Hardware Version :

Firmware Version :

ISP :

I'm using two TP-R600VPN routers to create an IPSec tunnel over the internet, to connect a satellite office to my main office.
The IPSec SA is up and I see the inbound and outbound connections on both ends.

But I can't get anything on the two separate LANs to see each other.

Do I need to configure anything other than the IPSec to get the LANs bridged?

If I try and add a Static Routing entry, it tells me that it conflicts with me IPSec policy.

But I can't even ping one router from the other, despite the IPSec policy being live.

Any suggestions?

For reference, my Headquarters uses TP-R600VPN at a public IP and local subnet 192.168.1.0/255.255.255.0 while my Remote office uses a TP-R600VPN at a public IP and local subnet 192.168.10.0/255.255.255.0.
I can see the IPSec policy active on both. I can ping each public IP of from the other router.
But if I try and ping the local IP of either from the other, it fails. i.e, I can't Ping 192.168.10.0 from 192.168.1.0 and vice versa.

What am I missing?
  0      
 
  0      
 
#1
Options
7 Reply
Re:TP-R600VPN IPSec working but Local LANs can't talk
2016-12-30 13:48:50 - last edited 2021-04-19 11:34:31
the static route entry is not needed, is there any firewall or anti-virus software installed on your computer?
  0  
  0  
#2
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2016-12-30 19:30:16 - last edited 2021-04-19 11:34:31
Thanks. There is a firewall and anti-virus on my computer, but maybe I wasn't clear. I'm not pinging from my computer, which is remote from both of the vpn routers. I'm pinging from the diagnostics page of the routers themselves. I did try turning off the SPI firewalls on both routers temporarily but that didn't help.
  0  
  0  
#3
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2016-12-30 20:39:54 - last edited 2021-04-19 11:34:31
I guess the question is, shouldn't the two routers be able to ping each other over the IPSec tunnel? Or only device-to-device across LANs through the tunnel?
Is there any way to confirm routing is happening as it should if my remote VPN doesn't have any devices currently connected? I can see the tunnel exists; I just can't confirm access to anything on the remote LAN.
I thought pinging router to router should pass through the tunnel, but that doesn't appear to be the case.

Thx again,
  0  
  0  
#4
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2016-12-31 10:31:18 - last edited 2021-04-19 11:34:31
We are experiencing the same problem. Both routers show the connection is active in "SA List".

When trying to do a TraceRoute from the Diagnostics page, one router starts with itself as the first hop, the other router never finds the first hop. Neither router can successfully traceroute to the other network.
  0  
  0  
#5
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2017-01-24 11:35:19 - last edited 2021-04-19 11:34:31
Hi guys, the issue you describe is strange. Maybe you can clear your setting on the router and have a try again. If the problem still exits, you can contact the Technical Support of TP-Link and send your config file to them to have a check.
  0  
  0  
#6
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2018-09-12 10:38:53 - last edited 2021-04-19 11:34:31

Same issue here. For some time both routers was working like a charm with IPSec Site-To-Site - tunnel established and pings in both ways.
Now for unknow reason I see the tunnel on list but I can't connect with even router on other side - ping doesn't work too. Even adding rule for NAT traffic redirection didn't helped. Disabling FW - no joy. Clearing to factory defaults and manual configuration step-by-step to avoid importing unwanted mess from config dump - still the same.

 

Hardware: TL-R600VPN v4

Firmware: TL-R600VPN(UN)_v4_20180530

 

Idea left:

- firmware downgrade for test

- bring 2 routers and connect them directly - test if there are any influences from operators

- grab other vendor :/

 

Somebody from here solved this issue during last years?

  0  
  0  
#7
Options
Re:TP-R600VPN IPSec working but Local LANs can't talk
2020-01-24 20:45:59 - last edited 2021-04-19 11:34:31

@coche158 

 

Disable windows firewall in both sides and try to ping again

  0  
  0  
#8
Options

Information

Helpful: 0

Views: 1727

Replies: 7

Related Articles
 R600VPN & IPsec
884 0
 IPsec Problem with ER6120 and R600VPN
2233 0
 TL-R600VPN - LAN port vs WAN/LANs
1879 0
 TL-R600VPN v4 : L2TP not working when used over IPSec and NAT
2470 0
How can I connect two LANs?
2203 0
 TL-R600VPN IPSec VPN drops
284 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.