Home Network Community > Wi-Fi Routers > VPN and SPI
< Wi-Fi Routers

VPN and SPI

VPN and SPI

VPN and SPI
VPN and SPI
2024-04-01 13:01:31 - last edited 2024-04-02 03:08:44
Tags: #VPN #SPI
Model: General Product  
Hardware Version: V1
Firmware Version: 0.4.0 3.0.0 v608b.0 Build 240122 Rel.66930n

Hi,

 

I have set up OpenVPN on my EB810V router. 

 

I find that it does not work. Although the VPN does connect, I find that I cannot access services on my internal network (e.g., HTTPS) when the SPI Firewall is enabled.

 

If I disable the SPI Firewall, the same services are accessible.

 

Is this a bug? Is there a workaround?

 

I do not feel safe leaving SPI switched off.

 

Thank you!

 

 

  0      
 
  0      
 
#1
Options
4 Reply
Re:VPN and SPI
2024-04-02 03:20:10

  @Bussiere 

 

Hi, EB810V is your OpenVPN Server, right? do you have Archer BE800 or not?

Please let us know your network topology and which device/service you are trying to access via the VPN, like https service of the EB810v itself, or https service of a client device within the EB810v LAN network?

 

In addition, EB810v is an ISP model actually, did you get it from your ISP? You could refer to this guide for a try: Why can’t I access or discover certain devices over VPN?

TP-Link Annual Community Survey | Help Shape Our Community Throughout 2024!
  0  
  0  
#2
Options
Re:VPN and SPI
2024-04-02 05:11:01

 

@Sunshine 

 

Thank you for your response.

 

To answer the questions:

 

  • The EB810v is my OpenVPN Server.
  • I am assuming that the EB810v is similar or the same firmware as the BE800, please correct me if wrong. 
  • I got the EB810v from my ISP, Starhub.

 

Here is a diagram of the topology with an explanation of what happens when the SPI is on and what happens when the SPI is off. In a nutshell, SPI on = does not work, SPI off = works. This should not be the case.

 

Thank you for your help with this.

 

 

 

 

 

 

Sunshine wrote

  @Bussiere 

 

Hi, EB810V is your OpenVPN Server, right? do you have Archer BE800 or not?

Please let us know your network topology and which device/service you are trying to access via the VPN, like https service of the EB810v itself, or https service of a client device within the EB810v LAN network?

 

In addition, EB810v is an ISP model actually, did you get it from your ISP? You could refer to this guide for a try: Why can’t I access or discover certain devices over VPN?

 

  0  
  0  
#3
Options
Re:VPN and SPI
2024-04-02 05:11:58
Also, I tried the recommendations in the guide, and they did not solve the problem.
  0  
  0  
#4
Options
Re:VPN and SPI
2024-04-03 02:52:40

  @Bussiere 

 

Hi, since ping works fine when SFI Firewall is enabled, we could confirm that the VPN traffic is not blocked by the SPI Firewall.

Actually we've run similar tests on our end with other retailer version product and could confirm that accessing internal http/https server via VPN is working fine with SPI firewall enabled, so the issue in your case could be related to your internal servers.

Since EB810v is an ISP model, we community team don't have related information and cannot follow up, if you have any further questions, it is recommended to contact your ISP, if the issue is indeed with the product, the ISP should report to ISP models related support team.

TP-Link Annual Community Survey | Help Shape Our Community Throughout 2024!
  0  
  0  
#5
Options

Information

Helpful: 0

Views: 156

Replies: 4

Tags

VPN
SPI
Related Articles
AX55 VPN Client L2TP and OpenVPN
1766 0
spi fierwall closes port 80
707 0
M7000 Router with VPN GRE Error?
200 0
Router with both: OneMesh and VPN Server functionality?
191 0
VPN is always "Connecting"
248 0
VPN setup on Ax5400
1199 0
About Us
Press
Copyright © TP-LINK CORPORATION PTE. LTD. All rights reserved.