ER8411 VPN issues
ER8411 VPN issues
Just got an Er8411 and trying to configure VPN..openvpn and SSL-VPN will connect and traffic starts to pass. I connect to a computer over the VPN and it will connect and then just stops responding. it worked on my ER605. is this thing reall that awful?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
there is nothing to indicate that those who program these routers know about this problem, support knows it very well but I don't think it has been reported to those who can do anything about it. so there are still a lot of problems with this router unfortunately. I have been in contact with support about this several times but it does not seem that it is being reported further, so I have given up on that support
Do any of you know if this is being worked on or reported to those who program this router? I have now had the router for 5 months. but still can't use OpenVPN or SSL VPN, there are also many people on the forum who have the same problem.
it would be nice to have feedback on what is happening with this problem.
- Copy Link
- Report Inappropriate Content
@shberge it is really getting me. I can connect with ssl or open vpn. I can connect to file shares remote and transfer back and forth. I can connect via rdp to a server desktop but it just hangs. I can't figure it out, traffic with the rdp session just stops
- Copy Link
- Report Inappropriate Content
I get communication with SSL VPN, but it's incredibly slow, about 30Mbps. at the same time as I activate SSL VPN all IPsec traffic stops, so all site to site vpn do not work until I deactivate SSL VPN, and restart the router, OpenVPN client on ER8411 against an OpenVPN server on linux only works if I use TCP, this also very slow, about 30 Mbps
- Copy Link
- Report Inappropriate Content
Hello @Robbp12 ,
Thank you so much for taking the time to post the issue on TP-Link community!
To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID230408911, please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.
Many thanks for your great cooperation and patience!
- Copy Link
- Report Inappropriate Content
Hi @shberge ,
Sorry for hearing you still suffering the VPN issues.
The support engineer and R&D department have been concerned about the VPN feedback but the issue is still unclear.
And it is hard to say the VPN issues you're experiencing are EXACTLY the same as the issues others are experiencing and they need to be investigated further.
If you are willing to cooperate with the engineer to further troubleshoot the issue, we would like to help you escalate the case.
- Copy Link
- Report Inappropriate Content
I have tried support and this give no god answer, and I cant use all my time to help them with a bug from tp-link, but for me it look like they know about the problem for a long time, here is answer from support for many month ago. I told them that I can do a test if they have a beta to try out but I have never heard from them again.
Dear Customer,
Hello and thank you for contacting TP-Link support.
1. The CPU is in the normal range, because there are some high-performance data processing, the software process usage will be high
(This point is magically fixed with latest update so it wasn't so normal)
2. There will be some problems when using IPsec and OpenVPN together, it is recommended to use it alone
3. For OpenVPN, we would like to recommend choosing the TCP protocol
(TCP Worked but I had to install a separate OpenVPN linux server only for the ER8411 with TCP, I could not use the existing server since it used UDP)
4. Due to working mechanism of ER605 and ER8411 is a little bit different, so we don't suggest you use Ipsec VPN and OpenVPN at the same time.
So in short, my solution works but with some workaraound, SSL VPN I can't use but it's not something I need now but I think SSL VPN and OpemVPN problem are related, to me it seems like a UDP problem, SSL VPN can't use TCP therefore it does not work together with Ipsec Site to Site.
- Copy Link
- Report Inappropriate Content
I used custom config for SSL OpenVPN to change keepalive and ping-restart, In this way you can change UDP to TCP.
1. Add this line
*/3 * * * * /bin/sh /tmp/userconfig/etc/my_custom_script.sh 2>/dev/null
to /tmp/userconfig/etc/crontabs/root
2. my_custom_script.sh
#!/bin/sh
file_path="path to your config file"
search_string="keepalive 5 60"
if grep -q "$search_string" "$file_path"; then
file_path="path to your config file"
backup_path="path to your new config file"
cp "$file_path" "$backup_path"
search_string='push "ping 5"'
replace_string='push "ping 3"'
sed -i "s/$search_string/$replace_string/g" "$backup_path"
search_string='push "ping-restart 60"'
replace_string='push "ping-restart 28800"'
sed -i "s/$search_string/$replace_string/g" "$backup_path"
search_string='keepalive 5 60'
replace_string='keepalive 3 28800'
sed -i "s/$search_string/$replace_string/g" "$backup_path"
sleep 120
mv "$backup_path" "$file_path"
/etc/init.d/sslvpn reload
else
:;
fi
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Same thing goes to me waiting ER8411 IPSec Site-to-Site tunnel slow throughput (Less than 1Mbps) issue to be resolved by TP-Link team.
Hi @Hank21 @Fae , do you have timeline when the VPN issue for ER8411 can be resolve? Currently I still relying site to site VPN using ER605 which is more stable and speed can achieve more than 200Mbps. I hope can hear from you soon.
Thanks.
- Copy Link
- Report Inappropriate Content
IPsec work pretty good for me but if you use OpenVPN or SSL VPN then IPsec is destroied.
So my advice is to remove all settings from SSL VPN reboot router, then You can use OpenVPN but only with TCP, Not UDP that is deafult.
OpenVPN is also paintfully slow, for me about 20-30 Mbps MAX.
to be honest, we have been very patient in this case, such a serious error is very embarrassing for tp-link, it also doesn't seem like they have competent people to fix the problem.
because the router has a different working mechanism that makes it difficult LoL Or what @Fae
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2470
Replies: 11
Voters 0
No one has voted for it yet.