@CS041 

Thanks for reaching out. I understand that after upgrading your Deco Mesh system, your WireGuard VPN server (running on another device) can connect, but you cannot access internal or external resources through the VPN. You mentioned this issue also occurred with another recent Deco model, so it seems related to newer Deco units.

Here are some troubleshooting steps to help resolve VPN server connection issues with Deco Mesh:

1. Unable to connect to the VPN Server on Deco:
• To use the VPN Server (including OpenVPN/WireGuard/PPTP/L2TP) on Deco, a public IPv4 address is required. IPv6 VPN Server is not supported on Deco yet.
• Go to the Deco App > MORE > Internet Connection > IPv4, and check if your WAN IP address is public. If your ISP provides a private (non-public) WAN IP, VPN Server functionality will not work.
• If there is another router in front of your main Deco, you must set up port forwarding on that router to allow VPN traffic to reach your Deco.

2. Remotely connected to VPN Server on Deco but no Internet or internal access:
• If you have no Internet after connecting to the VPN, open the Deco App > MORE > VPN > VPN Server, tap on the VPN Server you created, and ensure that 'Client Access' is set to 'Internet and Home Network'. The 'Home Network Only' mode does not allow Internet access through the VPN.
• If you cannot access home network resources (such as servers or NAS devices), check the firewall settings on those devices. Since VPN clients are on a different subnet, you may need to adjust firewall rules to allow access.

If the issue persists, please contact TP-Link support and provide the following information:
• Your WAN IP address
• Screenshots of your VPN Server configuration
• Screenshots of your VPN Client configuration (on your phone or laptop)
• VPN connection logs (for example, OpenVPN logs) from your client device, if possible

This information will help us diagnose the issue more efficiently.