Avatar of Zac123
Zac123Flag for United Kingdom of Great Britain and Northern Ireland

asked on 

Open port for VPN?

I'm trying to create a VPN connection between two TP link routers, VR600 & VR900. The control panels are virtually identical to each other.

Both locations have a fixed/static public IP address.

I have selected IPSEC, inputted the ip details, ensured that the two locations are on different subnets:
192.168.1.1
192.168.9.1

The routers allow me to save these settings without throwing an error but the connection is listed as being "down" on both routers so clearly something is not right.

Should i open a port? if so which one?  or is there anything else about what i have described that is wrong?
thanks
zac
RoutersInternet Protocol SecurityNetworking ProtocolsVPN

Avatar of undefined
Last Comment
noci
Avatar of Rob Williams
Rob Williams
Flag of Canada image

No need to open any ports if VPN is between the routers.
The subnets masks for 192.168.1.1 and 192.168.9.1 are 255.255.255.0 correct? and not 255.255.0.0
Avatar of Zac123
Zac123
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

i actually have it listed as:
"single address" - 255.255.255.255

maybe it should be "multi address" - 255.255.255.0

?
SOLUTION
Avatar of noci
noci

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
Avatar of Rob Williams
Rob Williams
Flag of Canada image

Where you are wanting to access other devices on the respective networks it should be 255.255.255.0
Thought that could stop communication, it wouldn't cause the tunnel to be down.  Sounds like a configuration error
Avatar of arnold
arnold
Flag of United States of America image

Not clear vr600 includes VPN capabilities.

You need to make sure you hve the configuration as. Mirror?
SIde A
Side B WAN IP
Local LAN Segment:
Remote LAN segment::
Key lifetime, refresh ...
Encryption/encapsulation
Passphrase/secret word

Side B, the
Side A WAN IP
The two have to be flipped from what is shown on Side A
Everything else has to remain the same.
Avatar of Zac123
Zac123
Flag of United Kingdom of Great Britain and Northern Ireland image

ASKER

ok, sorry for wasting your time. I have been onto TP link support chat, and it turns out.....

"This still needs to go through a VPN server. Because the routers do not have built in VPN and only passthrough. So you will need a VPN provider for such set up "

sorry about that everyone.
ASKER CERTIFIED SOLUTION
Avatar of Zac123
Zac123
Flag of United Kingdom of Great Britain and Northern Ireland image

Blurred text
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Avatar of arnold
arnold
Flag of United States of America image

noci provided the information you need once you setup a system on each side that can handle a VPN connection. Look at untangle as a starting point.
Then you would forward port 500/4500 to that IP if using ipsec. you could use openVPN between them. by opening other ports that on each side points to the internal system where the VPN starts and ends...
Avatar of noci
noci

Be sure to use UDP based OpenVPN if you go that route. TCP over TCP can quickly become a nightmare if you go across a network with some packet loss.

Wireguard maybe an other option, it is especially handy with mobile equipment because u drains the batteries a lot less.

If you still are looking for firewalls, maybe also look into pfSense. 
Routers
Routers

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. The most familiar type of routers are home and small office cable or DSL routers that simply pass data, such as web pages, email, IM, and videos between computers and the Internet. More sophisticated routers, such as enterprise routers, connect large business or ISP networks up to the powerful core routers that forward data at high speed along the optical fiber lines of the Internet backbone. Though routers are typically dedicated hardware devices, use of software-based routers has grown increasingly common.

49K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
Ask the experts
Read over 600 more reviews

TRUSTED BY

IBM logoIntel logoMicrosoft logoUbisoft logoSAP logo
Qualcomm logoCitrix Systems logoWorkday logoErnst & Young logo
High performer badgeUsers love us badge
LinkedIn logoFacebook logoX logoInstagram logoTikTok logoYouTube logo