Client IPSEC VPN on TP-LINK routers

pajkico
pajkico used Ask the Experts™
on
We have issues while setting up client VPN on TP-LINK TL-ER6120 and TL-ER6020 routers. Even when it is connected, we are unable to ping the inside hosts.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Can you connect by IP Address?

Can you / did you enable NAT Traversal in your VPN Tunnel?

Is the setup Site to Site?  Or Client to Gateway?
pajkicoPresident

Author

Commented:
the first time we setup ER-6120, it was connecting, but the next day it was not pinging the local host. It is a client VPN, not a site-to-site.

I asked client to update firmware on all of those routers, and the firmware is now up to date.

The last info is that the client VPN connects, but can't ping local host. we enabled IPSEC pass-through on both routers.

do not know where to  enable "NAT Traversal" on the router though...
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
NAT Traversal only relates to Site to Site and you say this is client to Gateway. NAT Traversal should be handled by the client.

What client software do you use?  I use NCP Secure Entry (www.ncp-e.com).
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

pajkicoPresident

Author

Commented:
we have used TheGreenBow VPN Client, did not test with any other VPN clients...
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Try a trial version of NCP to see if it works. It is bomb-proof for me.
pajkicoPresident

Author

Commented:
I could, but the problem is most likely on the TP-LINK router...
Business Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
You need to check all the IPSec settings. About a dozen. And you need to determine if you are trying to access behind a double NAT (which is why you may need NAT Traversal

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial