What's new

RT-AC3200 is breaking my VPN to work - IKE port redirected

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Edbert

Occasional Visitor
Maybe not breaking, just severely hampering.

I've confirmed via WireShark that my PC is sending requests on destination port 4500 (IKE) and the router is converting them to 443 (HTTPS) which the VPN endpoint at work sees and thinks I'm a guest or visitor mode connection...which sucks!

I know there are no outbound rules on this device, but is there a way to force the correct port?
 
Have you tried changing the IPSec Passthrough setting at WAN > NAT Passthrough ?
That was it.

I'm a little bit disappointed in the wording from ASUS. This is what it says on-screen...
"(VPN) connection to pass through the router to the network clients".

I think that should say "from" the clients not "to" them.

Regardless that fixed the issue, and you sir deserve a cookie!
 
I wonder if this is my problem? I have a new Asus RT-AX86U which connects perfectly with everything in my home. However, although it does connect to my work laptop (with VPN) and I can browse the internet and do a few other things to show that it is connected, the router is not allowing full connectivity to the extent that I cannot use Microsoft Outlook, IE, Teams, etc.. When I plug it all into my old router, it all works. What in the world?
 
:) Yep.. Just waiting for the kid's Zoom meetings to finish up for the day. Really hoping this cures it.
 
So.. the IPSec Passthrough setting was already set to "Enable" along with all of the other passthrough options (I tried Disable too). Not working for me. One other thing I noticed with my work computer, it's the only client in my list that is 'Static' as opposed to DHCP. Not sure if that plays a role. Again, it connects but not fully to where all my application work.
 
Let me know if anyone sees an obvious change I can make on the new router based on the old router settings. The existing settings on the old router (Apple Airport Time Capsule 802.11ac Model A1470 ver 7.9.1) which does not have the problem I am experiencing with the new Asus, are:
  • INTERNET
    • Connect using: DHCP
    • IPv4 Address: Renew DHCP Lease
    • DNS Servers: blank
    • IPv6 DNS servers: blank
    • Domain Name: blank
      • Internet Options
        • Configure IPv6: Automatically
        • IPv6 Mode: Native
        • Enable IPv6 Connection sharing (unchecked)
        • IPv6 Address: blank
        • IPv6 Default Route: blank
        • Use dynamic global hostname (unchecked)
  • WIRELESS
    • Network mode: Create a wireless network
    • Wireless Network Name: Name
    • Wireless Security: WPA2 Personal
    • Wireless Password: **********
    • Verify Password: *********
    • Enable Guest Network (unchecked)
      • Wireless Options
        • 5Ghz network name (unchecked): none
        • Country: United States
        • Create hidden network (unchecked)
        • 2.4GHz Channel: Automatic
        • 5GHz Channel: Automatic
  • NETWORK
    • Router Mode: DHCP and NAT
    • DHCP Range: 10.0.1.2 to 10.0.1.200
    • DHCP Reservations: None listed
    • Port Settings: None listed
    • Enable Access Control (unchecked)
      • Network Options
        • DHCP Lease: 1 day
        • IPv4 DHCP Range: 10.0.1.2 to 200
        • Enable NAT Port Mapping Protocol (checked)
        • Enable default host at: none
        • Enable IGMP Snooping (unchecked)
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top