I aim to setup a VPN server using this router model, WAN connected behind the ISP provider fiber router with NAT.

ER605 with WAN fixed IP and DMZ setted to this IP on the ISP router.

Folowing the available TP-Link documents, I was able to successfuly estabilish a PPTP Client-Server VPN connection, between my Windows 11 client, and the ER605 router.

Internet --> fiber -->ISP Router-->ISP Router LAN port4 (192.168.1.254) --> ER605 WAN (192.168.1.253)

After this I tried to setup an IKEv2 PSK tunnel but I could never get the VPN up either on Windows 11 or Android 14.

I followed this document: https://www.tp-link.com/br/support/faq/3447/

In this thread: https://community.tp-link.com/en/business/forum/topic/643176?sortDir=ASC&page=1 , is stated that the only solution is for the ER605 WAN be connected to a bridge and not behing a NAT. At this point I still have it behind the ISP router NAT.

The problem is that I already connected my Win11 client LAN (192.168.1.100) directly to the ER605 WAN (192.168.1.253) and could not estabilish a IKEv2 connection. With PPTP stil can connect with no problem.

Is there any development on the ER605 router that makes it able to use IKEv2 behind a router NAT?

Why can't I connect via Win11 client, using IKEv2 while being directly connected to the ER605 WAN port, but using PPTP the connection is successfully established?

I hoppe I did not confuse you.