What to do if you cannot access the remote network through Client-to-LAN/Site VPN tunnel

Cơ sở kiến thức
Hướng dẫn khắc phục sự cố
Gateway
07-23-2024
11042

Please follow this FAQ to configure the Client-to-LAN PPTP VPN server on TP-Link routers: https://www.tp-link.com/en/support/faq/3026/

Please follow this FAQ to configure the Client-to-LAN L2TP VPN server on TP-Link routers: https://www.tp-link.com/en/support/faq/3025/

With Client-to-LAN (Client-to-Site) VPN, the VPN client can access the remote network resources. If you have set up the VPN server, connected the VPN clients, but cannot access the remote network resources through the VPN tunnel, this article will help you troubleshoot.

Step 1. Check the VPN tunnel status.

Make sure that the client’s VPN status is displayed as “Connected”.

For Windows 10 devices, go to Settings – Network & Internet – VPN; for Windows 7 devices, go to Control Panel – Network and Internet – Network and Sharing Center – Change Adapter Settings.

Besides, on the tunnel list page (VPN –> L2TP or PPTP –> Tunnel List), there will be the current VPN connections and the relevant information listed, once the VPN tunnels are established.

If the VPN tunnel is not connected, please check the Internet access of both sides, as well as the VPN server settings following the above FAQs.

If the VPN tunnel has been established, please go to Step 2.

Step 2. Check the access to the remote network.

Ping is a command that can help test the connection between devices. If you don’t know much about that, please refer to How to Use the Ping Command. Try to ping the remote gateway (LAN IP of the router) and some other devices in the remote network.

For example, as shown in the figure below, execute commands “ping 192.168.0.1” and “ping 192.168.0.100” on the VPN client to check the connection with the VPN server and the PC, respectively.

If you fail to ping all the devices, including the VPN server, go to Step 3.

If you can ping the VPN server, but fail to ping some of the devices, go to Step 5.

Note that if you can access the remote network resource, but cannot ping some devices, it must be related to the Firewall or antivirus program running on the devices. In this case, the VPN tunnel is working quite well and no need to worry about the Ping result.

Step 3. Check the local IP address of the VPN client and the LAN IP of the VPN router.

If your client is using the mobile network, please directly go to Step 4.

If your client uses Wi-Fi or Ethernet for Internet access, please check the local IP address it obtained from the local router.

For Windows / MAC Devices, please refer to How to find IP address of your computer (Windows XP, Vista, 7, 8, 10,Mac)?

For Mobile devices (Android/iOS devices), please refer to How to find IP address of Android smartphone/iPhone/iPad?

As shown in the figure above, the local IP address of the VPN client is 192.168.0.150, obtained from the wireless router with LAN IP 192.168.0.1. However, LAN IP of the VPN router is also 192.168.0.1, in the same subnet as the local network. Two networks share the same subnet 192.168.0.1/24. In this case, the VPN client may not be able to access the remote network. You have to change the network IP address of the local network or remote network.

Step 4. Check the advanced settings of the VPN adapter.

This is mainly for the Windows devices. Go to Control Panel –> Network and Internet –> Network and Sharing Center –> Change Adapter Settings, then you will find the PPTP/L2TP VPN adapters. Right-click the adapter –> Properties –> Networking, Double-click “Internet Protocol Version 4” –> Advanced, then you will find the Advanced TCP/IP settings for the VPN.

By default, “Use default gateway on remote network” is enabled, all network request, whether to Internet or to the remote network, will be forwarded via the VPN tunnel, and handled by the VPN server. Please set up the configuration the same as the following figure, and check if the remote access is available.

What to do if you want to access the remote network with a VPN and the Internet with the local gateway? Please refer to FAQ What to do if you want to access the Internet with the local gateway rather than the PPTP/L2TP VPN Server?

Step 5. Check the Firewall status and try to disable it temporarily.

Windows Defender Firewall, or some other Antivirus programs will block Ping whose source IP is in a different subnet.

Please try to disable the Firewall or Antivirus programs temporarily, or you can adjust the firewall policies, then check whether Ping is successful.

If you have confirmed the above steps, but still cannot access the remote network resources, please contact TP-Link support.

Please Rate this Document

Related Documents