L2TP/IPSec passthrough issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

L2TP/IPSec passthrough issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
L2TP/IPSec passthrough issue
L2TP/IPSec passthrough issue
2020-03-03 14:42:52
Model: Deco M9 Plus  
Hardware Version:
Firmware Version: 1.3.0

Hi there, I have successfully tested OpenVPN and PPTP to gain access to my Synology NAS drive by opening up the relevant ports in the Deco app. When I do the same for UDP ports 1701, 4500 & 500 I cannot make a connection using L2TP/IPSec.

 

I have tested this successfully on my local network by connecting directly to the NAS using L2TP/IPSec and all is OK. It is only when trying to connect remotely through the forwarded ports that I fail to make a connection. Any suggestions would be much appreciated (I tried to log this as a support request, but it keeps failing on submission)....

  0      
  0      
#1
Options
6 Reply
Re:L2TP/IPSec passthrough issue
2020-03-12 08:33:51

@MarkPayne 

 

What about the current network diagram? 

 

And what is the operating system of your computer which is used to access the NAS? 

 

Good day. 

 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#2
Options
Re:L2TP/IPSec passthrough issue
2020-03-12 08:45:36

@Kevin_Z 

 

Thanks for the reply. Had a fey responces from TP-Link (seems the support email did go through after all).

 

I havent got a diagram. Its pretty simple though. Two TP-Link switches connected together, and then one uplink to the Deco M9 master, which in turn is connected to a BT modem and out. 

 

I'm connecting with Windows 10 to my NAS (linux). Connecting locally using L2TP is fine as a test, but remotely does not connect. Yesterday a friend tried to connect using linux remotely but it also failed. TP-Link reported a known UDP error with Windows 10, but it didnt seem to affect me (internally anyway). 

 

Also, I downloaded nmap and performed an intense scan both internally and externally. Interestingly it states that 500 & 4500 UDP ports are open (for both), however it does not show the other required UDP port as open (1701). Maybe this is the key, though as I say I could connect locally fine.

 

Cheers,

 

Mark

  0  
  0  
#3
Options
Re:L2TP/IPSec passthrough issue
2020-03-12 08:57:48

@MarkPayne 

 

Hi Mark, thanks for your information.

 

You can refer to the instructions below to give it a go.

https://support.microsoft.com/en-us/help/926179/how-to-configure-an-l2tp-ipsec-server-behind-a-nat-t-device-in-windows 

 

Any updates, be free to let us know. 

 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#4
Options
Re:L2TP/IPSec passthrough issue
2020-03-12 09:01:46 - last edited 2020-03-12 09:02:19

@Kevin_Z 

 

Hi Kevin,

 

Yes, this is the one that I tried before and it didnt work for me. As I say, a friend tried to connect remotely with a linux client and could not connect either.

 

Cheers,

 

Mark

  0  
  0  
#5
Options
Re:L2TP/IPSec passthrough issue
2020-03-13 06:13:46

@MarkPayne 

 

Hi Mark, thanks for your information. I found that you have raised a support ticket email already, and you mentioned that there is an Android device can connect to it without any problem, so it is not the port forwarding issue on the Deco, instead, it has something to do with the computer settings. 

 

If you would like to figure it out, it is suggested to keep in touch with us via email, for now, we are not able to give you a specific answer. 

 

Good day. 

 

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Connect TP-Link Archer BE550 to Germany's DS-Lite (Dual Stack Lite) Internet via WAN Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer AX90 New Firmware Added Support for EasyMesh and Ethernet Backhaul If you found a post or response helpful, please click Helpful (arrow pointing upward icon). If you are the author of a topic, remember to mark a helpful reply as the "Recommended Solution" (star icon) so that others can benefit from it.
  0  
  0  
#6
Options
Re:L2TP/IPSec passthrough issue
2020-03-13 08:23:38

@Kevin_Z 

 

Hi Kevin,

 

Apologies for the delay in getting back to update the thread. Yes, a friend yesterday managed to connect with an Android client, yet could not connect with a Windows 7 client and the registry edit. Conversely, I did the edit on my workstation at home, and managed to connect OK. However, previously I did this on my Dell laptop and could not connect.

 

Am in total agreement though that it is not a port fowarding issue as originally suspected. Many thanks to all for the continued support.

 

Cheers,

 

Mark

  0  
  0  
#7
Options