MR600 error 403 when trying to access router's settings over VPN
Hello.
I can't log in to my router when connected with VPN, getting error 403. I have set port 80 in the local management. The router and other devices respond to ping. I'm using 4G and I have a public ip address and connected no-ip ddns.
My network setup.
VPN Client (10.10.30.0 \ 24) -> VPN network (10.10.22.0 \ 24), Local Network (10.10.23.0 \ 24) on TP-Link MR600
The router (10.10.23.1) refuses access and gives error 403. How would I go about fixing this?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi, you are using LAN IP address of the MR600 to access its web interface via VPN, right? If so, it is normal that it will return error 403 as it is designed this way for security considerations, if necessary, please enable remote management on the MR600 and use the 4G WAN IP address of the MR600 to access its web interface remotely.
- Copy Link
- Report Inappropriate Content
Hello,
I just can't believe that it's designed this way for "security considerations". I'm utterly dumbfounded. Are you suggesting that I leave my router exposed to the internet and place myself at risk so that I can manage it. How is that more secure? I can't believe the people at TP-Link are this shortsighted and not allow management from the VPN network. Just add a checkbox in the settings to allow access. This is not a solution.
- Copy Link
- Report Inappropriate Content
I also have tried blocking / redirecting the DNS queries, but this results in the router getting stuck in retry loop (thousands of requests a minute), and a big spike in router CPU usage as a side effect. The fix really needs to come from TP-Link.
- Copy Link
- Report Inappropriate Content
Hello i also have this problem.
When i connected with OpenVPN i can`t access to router with local ip address. (error 403).
when i enable remote management for now it`s the only way to access to the router i don't have all options in menu.
few options like update firmware is missing :/
i think OpenVPN with aes encryption is secure (more secure than enable remore managment) so why tplink block access to device in vpn tunel ?
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
So i add under archer mr 600v3 second ip address in Advanced -> Network -> LAN Settings and now i can log to the router in vpn tunel and i have all options in menu but it works only for first router restart :/ after i login to mr600 i have error code 71241 cant get mac computer address but it still works and i can login without 403 error but after reboot (i have in options set restart everyday) openvpn stop working - i have error 7813 the vpn subnet/netmask and LAN IP address cannot be in the same subnet.
So this solutions to add second ip address works if router will be not restart ;/
- Copy Link
- Report Inappropriate Content
Hello,
I can also confirm that adding a 2nd ip as the vpn network works, but you can not reboot the device. After a reboot the VPN server shuts off, because there is a conflict between 2nd ip and vpn ip.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1479
Replies: 7
Voters 0
No one has voted for it yet.