Cannot access WDR3600 from another subnet (VPN)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Cannot access WDR3600 from another subnet (VPN)

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Cannot access WDR3600 from another subnet (VPN)
Cannot access WDR3600 from another subnet (VPN)
2023-08-22 09:15:47
Tags: #VPN
Model: TL-WDR3600  
Hardware Version: V1
Firmware Version: 3.14.3 Build 150518 Rel.72050n

Hello,

 

I cannot access web management of WDR3600 from another subnet, specifically when I am connected over VPN to ER605 router. I need to be able to access WDR3600 web management over VPN to manage WDR3600 in case of problems while I am away from home.

 

I use OpenVPN and ER605 gives OpenVPN addresses subnet of 255.255.255.255 and IP address range 192.168.1.0/24. WDR3600 is on subnet of 255.255.255.0 with static IP address of 192.168.0.2. When I am connected to local network I can obviously access WDR3600 but over VPN I cannot. I can access all other LAN devices over VPN. From doing a bit of research it seems WDR3600 is blocking access from that other subnet.

 

How do I fix this problem?

  0      
  0      
#1
Options
9 Reply
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-22 13:37:06 - last edited 2023-08-22 20:02:54

  @pajtaz 

 

Have you tried to enable the remote management for WDR3600:

 

 

What's the WAN IP address of the WDR3600 ? Is it a part of your lolcal network subnet ?

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  0  
  0  
#2
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-22 13:38:06

  @terziyski I tried that, I tried that plus static routing, nothing works.

  0  
  0  
#3
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-23 02:06:10

  @pajtaz 

 

Hi, may I have a detailed topology of your network? how are the ER605 and WDR3600 connected?

 

Please confirm if WAN IP address of WDR3600 is a public IP or private IP, and are you trying to access WDR3600 via VPN by using LAN or WAN IP address of the WDR3600?

Nice to Meet You in Our TP-Link Community. Check Out the Latest Posts: Archer GE550 - BE9300 Tri-Band Wi-Fi 7 Gaming Router EasyMesh Is Available When Wi-Fi Routers Work in AP Mode as A Controller. Archer BE550 New Software Enhances System Stability and Optimizes MLO Network Stability. TL-WA3001 Supports EasyMesh, Speed Limit, Guest Network in AP Mode and/or Multi-SSID Mode. If you found the post or response helpful, please click Helpful. If an answer solves your problem, click "Recommended Solution" so that others can benefit from it.
  0  
  0  
#4
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-23 11:38:04

  @Sunshine Quick answer: WDR3600 is connected directly to ER605 over LAN port. WDR3600 is NOT using its WAN port to connect to ER605 but one of the 4 LAN ports. WDR3600 is "pass-through" so ER605 is DHCP servers and assigns IP addresses for wireless and wired clients connected to WDR3600. WDR3600 has a static IP address of 192.168.0.2 and ER605 has address of 192.168.0.1.

 

WDR3600 is private IP and I am accessing using the private IP address of 192.168.0.2 over VPN and over local network.

  0  
  0  
#5
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-23 17:56:19

  @pajtaz 

 

In this case the Remote Management configuration has nothing to do with WebGUI access.

What you can do is to connect ER605 to WDR3600 WAN port and set its IP address 192.168.0.2 (static).

Test the WDR3600 WebGUI access and if it doesn't work, it's probably due to the WDR3600 firmware (a security mechanism like HTTP Referer Head Check).

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  1  
  1  
#6
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-30 09:37:36

  @terziyski I tested it and it does not work over VPN. No matter what I do I cannot access the web management page over VPN.

 

For sure it is because of WDR3600 firmware. I cannot seem to find a way to disable that security protection. This is absolutely illogical: the whole point of VPN is to access local hardware from outside the network but then when I'm inside the network I cannot access the one of the main pieces of hardware I need to control.

 

Is there a way to disable this protection?

  0  
  0  
#7
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-30 12:11:15 - last edited 2023-08-30 14:45:07

  @pajtaz 

 

As you can see the WDR3600 is EoL (End of Life) equipment long ago - its latest FW release is from 2015.

The other way to remotely manage the router is through a Tether app, but the latest supported version by the router FW is version 2.2.0 and I doubt that you can use that as well.

I would buy a more recent hardware like Archer C64 (in AP mode - Case 1) which has the option "HTTP Referer Head Check" that could be disabled - check this story.

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  1  
  1  
#8
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-30 14:42:37

  @terziyski Honestly router works good enough for non-critical wireless devices, even though it locks up from time to time and that is why I sometimes have to restart it remotely.

 

What I will do is move the two "critical" devices from wireless to wired. This way I don't have to rely on WDR3600 to be operational all the time. It is a pity because it still works, why would I spend the money on a new device?

  0  
  0  
#9
Options
Re:Cannot access WDR3600 from another subnet (VPN)
2023-08-30 14:49:21 - last edited 2023-08-30 15:26:24

  @pajtaz 

 

Well, that's a valid point and a possible workaround for your issue. If the WDR3600 fails in time, you'll know what you should do.

The other approach would be to downgrad the FW to an earlier release (from 2014) and check if this would work as you expect.

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  0  
  0  
#10
Options

Information

Helpful: 0

Views: 871

Replies: 9

Tags

Related Articles