Hi,

I am trying to set up a IPSec site-to-site VPN between my AVM Fritz!Box 7490 (192.168.0.1) and TP-Link Archer MR600 (192.168.1.1). The setup was reasonably straight forward, and the connection seems to succeed. I can connect from any device on the Archer side to any device on the Fritzbox side (ssh, http etc work fine), however the other direction I get timeouts - this feels to me like a firewall issue. The (anonymised) configs are:

Archer:

Fritz!Box (in german, but should be fairly self-explanatory):

Any ideas would be welcome.

EDIT: Further investigation has revealed that if I turn on Remote Mangement on the Archer side, I can access the Archer webinterface through the VPN at http://192.168.1.1. So clearly the VPN is working fine, it is just that the Archer does not allow new connections VPN->Archer local subnet.

Unfortunately there is no UI option to configure the firewall, so this is either a bug or intended behaviour.