How to set up a VPN connection with TP-Link Wireless Dual Band 4G LTE Router (new logo)

05-23-2017
194582

The VPN (Virtual Private Network) technology is developed and used to establish the private network through the public network, which can provide a secure communication to a remote computer or remote network, and guarantee a secure data exchange. IPSec is one of the major implementations of VPNs.

I want to:

Establish an IPSec VPN tunnel to connect two LANs via internet so that the hosts in different remote LANs are able to communicate with each other as if they are in the same LAN.

For example, I am the network administrator of a regional office, I need to let my office staff to visit the headquarters’ servers and resources, and vice versa. I know that the router in my office and the device in headquarters both support IPSec VPN feature, so I decide to set up a VPN connection with the headquarter office.

The following diagram is a typical VPN topology. Here Site A refers to regional office’s network (local network). And Site B refers to the headquarters’ network (remote network) which I want to connect to.

How can I do that?

Here takes Archer MR200 as demonstration.

1. Make sure of the topology you want to build and record site A (local network) and site B (remote network)’s LAN IP and WAN IP.

2. Configuration on site A (local network).

1) Please refer to How to log into the web-based management interface of TP-Link Wireless Dual Band 4G LTE Router? (new logo)

2) Go to Advanced > VPN > IPSec VPN to open the configuration page. Click Add to set up a VPN tunnel.

3) In the IPSec Connection Name column, specify a name.

4) In the Remote IPSec Gateway (URL) column, Enter Site B’s WAN IP address.

5) To configure Site A’s LAN:

In the Tunnel access from local IP addresses column, here we take Subnet Address as an example. Then input the LAN IP range of Site A in the IP Address for VPN column, and input Subnet Mask of Site A.

6) To configure Site B’s LAN:

In the Tunnel access from remote IP addresses column, here we take Subnet Address as an example. Then input the LAN IP range of Site B in the IP Address for VPN column, and input Subnet Mask of Site B.

7) Select the Key Exchange Method for the policy. We select Auto (IKE) here.

8) Enter the Pre-Shared Key for IKE authentication. Then keep Perfect Forward Secrecy enabled.

Note: Make sure Site A and Site B use the same key.

9) Leave the Advanced Settings as default value. Then click OK to save.

3. Configuration on Site B (remote network). Refer to step 2 configuration on Site A and make sure that Site A and Site B use the same pre-shared keys and Perfect Forward Secrecy settings.

4. The Status column will change to Up if the VPN connection has been set up successfully.

5. Check the VPN connection. You can ping site B’ LAN IP from your computer to verify that the IPSec VPN connection is set up correctly.

Tips: To check the VPN connection, you can do the following.

a. On the host in Site A, press [Windows Logo] + [R] to open Run dialog. Input “cmd” and hit OK.

b. In the CLI window, type in “ping 192.168.2.x” (“192.168.2.x” can be IP address of any host in Site B). Then press [Enter].

c. If Ping proceeds successfully (gets replies from host in Site B), the IPSec connection is working properly now.

Now IPSec VPN is implemented to establish a connection.

Note:

1. The product supports a maximum of ten simultaneous connections.

2. If one of the site has been off line for a while, for example, if Site A has been disconnected, on Site B you need to click Disable and then click Enable after Site A back on line in order to re-establish the IPSec tunnel.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.