Route all traffic throught VPN with TP-Link MR3020

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Route all traffic throught VPN with TP-Link MR3020

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Route all traffic throught VPN with TP-Link MR3020
Route all traffic throught VPN with TP-Link MR3020
2021-05-19 19:27:01 - last edited 2021-09-06 15:31:49
Model: TL-MR3020  
Hardware Version:
Firmware Version:

I've established successfully a VPN-Connection to my home-network. 

All Devices connected to the MR3020 Wlan (remote devices) are allowed to access the home devices.

 

BUT:

The external IP of the remote devices is still not the external IP of the home router. 

Also the remote devices are not using the configurated home DNS-server (pihole)

 

how can i send ALL the traffic back home before entering the public internet? Or am I missing something? 

 

 

Thanks for advices. 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Route all traffic throught VPN with TP-Link MR3020-Solution
2021-08-21 13:58:59 - last edited 2021-09-06 15:31:49

@Patrick_Kalka 

 

If the MR3020 doesn't provide an explicit setting within its setup GUI to configure how Internet access is handled, then I doubt you can do much here.

 

Recommended Solution
  0  
  0  
#3
Options
5 Reply
Re:Route all traffic throught VPN with TP-Link MR3020
2021-08-20 11:43:48
*push* I'm still looking for davices. The discussion on Strongswarn leads to "insert 0.0.0.0" but thats not allowed. https://github.com/strongswan/strongswan/discussions/464
  0  
  0  
#2
Options
Re:Route all traffic throught VPN with TP-Link MR3020-Solution
2021-08-21 13:58:59 - last edited 2021-09-06 15:31:49

@Patrick_Kalka 

 

If the MR3020 doesn't provide an explicit setting within its setup GUI to configure how Internet access is handled, then I doubt you can do much here.

 

Recommended Solution
  0  
  0  
#3
Options
Re:Route all traffic throught VPN with TP-Link MR3020
2021-09-01 12:22:49

@woozle Also TP-Link Support smashed my hopes.

 

Sehr geehrter Kunde,

 
Vielen Dank für Ihre Rückmeldung.
 
Der MR3020 mit aktueller offizieller Firmware untertützt die Eingabe vom 0.0.0.0 im Sinne "any IP" wie gesagt nicht.

Sollten Sie die kompletten Parameter, inkl. VPN Subnetz kennen, so kann sich der MR3020 mit dieser Parametrisierung einwählen.

Sollten Sie entweder die Parametrisierung der Gegenstelle nicht kennen oder sollte der Server keine spezifische VPN Subnetzeingabe ermöglichen gibt es mit der aktuellen offiziellen Firmware keine bekannte Alternative zur Verbindung.

 

 

So no 0.0.0.0 - Ip, no traffic management. 

 

 

 

What leads to my initial question (what should have been asked at the beginning) ^^ 

Am I right with the following

 

If the MR3020 is connected with an insecure hotel-Wlan, an my Clients an connected with the secure MR3020 WLAN, the connection still has to be considered as inscure right?
thinking about Packetsniffing or something.

  0  
  0  
#4
Options
Re:Route all traffic throught VPN with TP-Link MR3020
2021-09-01 20:22:03

@Patrick_Kalka 

 

Yes, if the Internet traffic can't be routed through the VPN tunnel between the MR3020 and your home network, then the connection from the MR3020's client's to the Internet through the open hotel Wi-Fi must be considered insecure.

 

However, nowadays almost all websites use HTTPS and hence the communication is encrypted. And if you still came across an insecure one, then modern browsers won't let you go there straight away, if at all.

 

Similar for e-mail. All the providers I am familar with offer encrypted connections. (I am talking about encryption between the e-mail software and the e-mail server, not sender-to-receiver encryption)

You just have to make sure the mailboxes you've setup in your e-mail software are configured to use the secure protocols.

 

Sending and receiving messages via iPhone and WhatsApp and the likes should be secure too.

 

Of course, someone with a packet sniffer could still see which Internet servers or websites you connect to. And, for example, a connection to a FTP server on the Internet that still uses plain old FTP would be wide open.

 

  1  
  1  
#5
Options
Re:Route all traffic throught VPN with TP-Link MR3020
2021-09-06 15:31:32
I appreciate your commitment. I will probably have to leave the subject as it is for now. I plan to take a Raspberry Pi with Pihole with me, maybe I can use it to build in additional http blocks.
  0  
  0  
#6
Options