Community discussions

MikroTik App
 
User avatar
xperiments2021
just joined
Topic Author
Posts: 6
Joined: Tue Apr 27, 2021 10:35 am

Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Tue Apr 27, 2021 11:21 am

Hello to everyone. I have the obligation to mention that I am inexperienced in Mikrotik products.

Can anyone try to connect through IPsec VPN Mikrotik Routerboard hEX router to TP-LINK TL-R605 omada router. I will give a try for this. If anyone has more info about it, could you please support us! Thanks

Here is my topology
Image

Here is my configuration of TL-LINK TL-R605
Image
*on remote gateway I set the public IP address of network 2

Here is my configuration of Mikrotik
Image
on address I set the public IP address of network 1
Image
Image
Image
Image
 
User avatar
xperiments2021
just joined
Topic Author
Posts: 6
Joined: Tue Apr 27, 2021 10:35 am

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Thu Apr 29, 2021 2:41 pm

I make some changes:
Mikrotik Configurations
Image
Image
Image
Image
Image

TP-LINK Configuration
Image
Image
Image

I see in some video tutorials for mikrotik that phase 1 is configuration of profiles and phase 2 is proposals.
Also as you can see for tplink configuration i convert lifetime in seconds
08:00:00 is 28800 seconds
1d is 86400 seconds
And VPN dont WORK. Any advice??
Thanks a lot in advance
 
User avatar
xperiments2021
just joined
Topic Author
Posts: 6
Joined: Tue Apr 27, 2021 10:35 am

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Wed May 05, 2021 3:18 pm

Any advice someone?????
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Wed May 05, 2021 3:24 pm

I'm sorry I can't help you,
but I wanted to thank you because you are one of the few people who put up a chart to make people understand the problem.

I hope someone who knows TP-Link can help you.

Thank you.
 
felixka
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 19, 2020 4:12 am
Location: Canada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Sat Jul 31, 2021 1:43 am

I, too, have been unable to make this work between a TL-R605 and an RB4011 running ROSv6.46. The Mikrotik router tries to establish a Phase 2 tunnel but never receives a reply from the TP-Link.
This Omada stuff seems to be very early stage right now.
 
felixka
Frequent Visitor
Frequent Visitor
Posts: 58
Joined: Mon Oct 19, 2020 4:12 am
Location: Canada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Mon Aug 02, 2021 12:25 pm

Got it to work for my setup where the Omada device is on a static IP and the Mikrotik RB4011 is on a dynamic IP, initiating the IPSec tunnel from it's side.

TL-R605 Firmware: 1.1.0
RB4011 Firmware: 6.49beta46

Here are my settings:
Mikrotik side:
/ip ipsec profile
add dh-group=ecp521 enc-algorithm=aes-256 lifetime=8h name=omada
/ip ipsec peer
add address=<static WAN IP of Omada Device> exchange-mode=ike2 name=omada profile=omada
/ip ipsec proposal
add enc-algorithms=aes-256-cbc lifetime=8h name=omada pfs-group=modp1536
/ip ipsec identity
add my-id=fqdn:remote.example.com peer=omada secret=<your PSK>
/ip ipsec policy
add dst-address=192.168.0.0/24 peer=omada proposal=omada src-address=10.0.0.0/24 tunnel=yes
Omada Settings:
omada_mikrotik_vpn_settings.png
You do not have the required permissions to view the files attached to this post.
 
yabdali
just joined
Posts: 13
Joined: Sat Oct 22, 2016 3:44 am

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Thu Nov 03, 2022 9:21 pm

Got it to work for my setup where the Omada device is on a static IP and the Mikrotik RB4011 is on a dynamic IP, initiating the IPSec tunnel from it's side.

TL-R605 Firmware: 1.1.0
RB4011 Firmware: 6.49beta46

Here are my settings:
Mikrotik side:
/ip ipsec profile
add dh-group=ecp521 enc-algorithm=aes-256 lifetime=8h name=omada
/ip ipsec peer
add address=<static WAN IP of Omada Device> exchange-mode=ike2 name=omada profile=omada
/ip ipsec proposal
add enc-algorithms=aes-256-cbc lifetime=8h name=omada pfs-group=modp1536
/ip ipsec identity
add my-id=fqdn:remote.example.com peer=omada secret=<your PSK>
/ip ipsec policy
add dst-address=192.168.0.0/24 peer=omada proposal=omada src-address=10.0.0.0/24 tunnel=yes
Omada Settings:
omada_mikrotik_vpn_settings.png
Hi,
Would it be possible to share further details about firewall/port forwarding configuration on both ends? Thanks in advance

Who is online

Users browsing this forum: JBrinkZA and 55 guests