Weird L2TP+IPsec VPN issue on ER605v1
I've had some issues with my site-site connectivity recently, tunnel is up, IP based connections between sites are fine, but other connections (like local IOT to cloud) are not working. I noticed this in the local logs:
Router-52-BE: L2TP Client XXX connected to the server successfully. (Local IP:10.10.10.1, peer:172.31.126.1, DNS1:0.0.0.0, DNS2:0.0.0.0, MTU:1400.) |
and I wondered if that's normal, having 0.0.0.0 set as the DNS servers in the logs? I will do more debugging when I get back out to site, but it would explain a lot.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hello @d0ugmac1,
Could you describe simply your Network Layout? Did you use 2 ER605 V1 to set the site-site IPsec VPN?
Did you set one side to access the internet (full mode) through the L2TP VPN tunnel on the ER605 V1?
Where are the IOT devices located?
And it is normal that the DNS to show 0.0.0.0, it won't affect the data transmission.
- Copy Link
- Report Inappropriate Content
ER605v1 (1.2.3beta, server) <--> ER605v1 (1.3.0, client)
Both modems are bridged, so WAN ports have public IPs. Both have second WAN ports configured, but no active connection at this time. General connectivity between them is fine, and everything worked for over a year with 1.2.2 or earlier firmwares.
Recently, and I don't know if it is firmware, or the fact that I'm running my 605 to the point that it runs out of memory, but I've lost one specific function. The function that stopped running is a client-side VLAN (port and SSID) with a policy route via the L2TP tunnel endpoint. It was configured as a guest network (I have changed that recently but no impact). I have reset the client router, no change.
Symptoms are that the client gets a suitable IP for the VLAN, but can no longer reach the internet via the far end router.
- Copy Link
- Report Inappropriate Content
Hi @d0ugmac1,
To better assist you, I've created a support ticket via your registered email address, and escalated it to our support engineer to look into the issue. The ticket ID is TKID230624642 , please check your email box and ensure the support email is well received. Thanks!
Once the issue is addressed or resolved, welcome to update this topic thread with your solution to help others who may encounter the same issue as you did.
Many thanks for your great cooperation and patience!
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 543
Replies: 4
Voters 0
No one has voted for it yet.