Site to Site VPN With Deco x50

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Site to Site VPN With Deco x50

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Site to Site VPN With Deco x50
Site to Site VPN With Deco x50
2023-08-25 19:53:29
Tags: #VPN
Model: Deco X50  
Hardware Version:
Firmware Version:

Hello Guys,

 

I've been using Deco X50 for the past good one year and I am really happy with its performance. 

 

I am trying to achieve something here but I simply cannot do it. Maybe I am wrong or the DECO X50 just does not have this as a feature.

 

What I am trying to do is this: My main House A has a Deco Mesh set up and my ISP provides Dynamic IP that's why I am using TPLINKDNS Option. I have a remote House B which has its own ISP this time with Static Public IP. I am trying to set up a VPN Server on the Deco in House A and use the built in VPN Client of the Router that I have in House B. When I set up everything on the Deco using IPSEC (setting up a VPN Server using IPSEC Protocol) and I connect to it from House B the connection is successful and the computers in House B can connect to the ones in House A. However the ones in House A cannot connect to the ones in House B. Is that working by design with a One Way connection or I am doing something wrong?

 

Regards,

Vasko

  0      
  0      
#1
Options
6 Reply
Re:Site to Site VPN With Deco x50
2023-08-26 00:59:13

  @Torbov I don't have the ability to duplicate your problem here so not sure what I say will help.

 

Presumably the X50s both used the same network address range before you tried to set this up so you must have changed the network address range on one of the sites, right?

 

So what is your network addressing and the VPN configuration you are using at each site?

  0  
  0  
#2
Options
Re:Site to Site VPN With Deco x50
2023-08-26 08:55:47

  @raven-au Site A has a Deco X50 mesh on which I created a VPN server using the IPSec. Site B is not using Deco it has its own router that has build in VPN client cabalities. So we don't talk about Deco to Deco VPn here.

  0  
  0  
#3
Options
Re:Site to Site VPN With Deco x50
2023-08-26 09:01:52
Image Caption

  @raven-au Site A has 192.168.68.0/24 and Site B has 192.168.8.0/24

 

VPN server created on the Site A using the Deco VPN built in server using IPsec and aetting are below:

 

  0  
  0  
#4
Options
Re:Site to Site VPN With Deco x50
2023-08-26 10:05:11

  @Torbov that looks ok to me.

 

I wonder if you need a static route for the direction that isn't working, I don't think that a route would be added automatically ... 

  0  
  0  
#5
Options
Re:Site to Site VPN With Deco x50
2023-08-26 17:05:26

  @raven-au sorry for the dumb question but on which aite should i put a stati route and what should it be as i am really bad with those routings.

  0  
  0  
#6
Options
Re:Site to Site VPN With Deco x50
2023-08-28 02:33:20

First I would make the remote client ip address a range, say 192.168.8.0/24.

 

I think you need a static route at site A for the network at site B, that's what isn't working right?

 

Ideally one would use a device route but almost always domestic routers don't include ainterface names other than WAN and LAN if they have an option for device at all.

 

So you need to work out what needs to be used as the gateway in the static route dialog.

That's not easy to do but you have the VPN enabled so you might be able to get the information you need.

 

If a device route could be used it would be the interface name of the VPN at site A.

The VPN address of site A, if you can get that, might work, or the VPN address of site B might work but I doubt it.

The other information for the static route form would be the network, 192.168.8.0 and mask 255.255.255.0.

 

Note that if the static route dialog requires you to make a setting there and you cannot select your VPN interface you might not be able to use a static route for this.

 

You might have more chance of getting OpenVPN working than IPSEC since you can specify things like a route on the server to be pushed to the client or on the client itself wherever it's possible to do so.

  0  
  0  
#7
Options