A lot has been written about this, but after reviewing more than 70 or 80 posts I can't for the life of me figure out what's going on with my setup, so any help would be GREATLY appreciated.
1. I have a tp-link 750AC Archer C2 router connected to my ISP thru the WAN port. (Router 1 or R1)
2. IP Range for LAN on R1 is 192.168.1.0/24 - Gateway & R1 IP is 192.168.1.1 - R1 DHCP range 192.168.1.100 to 119
3. I have a second router (same model, Router 2 or R2) cascaded to the first router thru its WAN port. (WAN on R2 connected to LAN R1).
4. The IP of the WAN port on R2 is 192.168.1.2. The IP for R2 WAN port is reserved using its MAC address in R1,
5. IP range for LAN on R2 is 192.168.2.0/24 - Gateway & R2 IP is 192.168.2.1 - R2 DHCP range 192.168.2.100 to 119
6. R1 has IP 192.168.1.2 (R2 WAN port) set as DMZ.
7. R1 has SPI Firewall Enabled, PPTP Pass-through:Enable, L2TP Pass-through:Enable & IPSec Pass-through:Enable
8. R1 gets a dynamic IP from my ISP.
9. NAT, Hardware NAT and Firewall are disabled on R2.
OK, so for the last year the IP I was dynamically assigned by my ISP was in a segment A.B.C.20 netmask 255.255.255.0 and I was able to connect R2 using L2TP and PPTP to my office's VPN.
As of 3 days ago my ISP assigned me a new dynamic IP address in the A.B.D.166 network with netmask 255.255.240.0 and since then the VPN connection can not be established. R1 still assigns R2 the correct internal IP, and no configuration has changed, at least not in my settings. I checked the ISP's A.B.D.166 IP and it is not blacklisted, and if I input my L2TP or PPTP credentials on R1, R1 does connect to the office's VPN with out problem, but I am left with no internet here at home.
I thought that the router might be broken or something, so I switched R1 with R2 and all the configurations and get the same results, and both can connect if they are not cascaded. Both routers have the latest firmware.
I also tried with a dlink dir-855 and a dlink dir-655 which I had laying around, and the same, when set up as R1 they can connect to either ISP or Office's VPN, but when cascaded they don't connect.
Please, this is driving me insane... I don't know what else to do, but I'll try anything.
Could it be something with the ISP's new IP? But if that is the case, why is it letting me connect to my office's VPN thru Router 1.
I doubt that the DMZ is not working on 4 different routers. I've opened up both UDP and TCP ports 1723, 500, 4500, 1701, etc for L2TP and PPTP to work as well (just in case)
I've even tried using Russian L2TP and Russian PPTP with the same results (and BTW, if someone could explain the difference between the regular tunnels and the russian ones, I would also appreciate it).
PLEASE! Any ideas and or suggestions are welcomed, and thank you in advance for your help.
Alex
1. I have a tp-link 750AC Archer C2 router connected to my ISP thru the WAN port. (Router 1 or R1)
2. IP Range for LAN on R1 is 192.168.1.0/24 - Gateway & R1 IP is 192.168.1.1 - R1 DHCP range 192.168.1.100 to 119
3. I have a second router (same model, Router 2 or R2) cascaded to the first router thru its WAN port. (WAN on R2 connected to LAN R1).
4. The IP of the WAN port on R2 is 192.168.1.2. The IP for R2 WAN port is reserved using its MAC address in R1,
5. IP range for LAN on R2 is 192.168.2.0/24 - Gateway & R2 IP is 192.168.2.1 - R2 DHCP range 192.168.2.100 to 119
6. R1 has IP 192.168.1.2 (R2 WAN port) set as DMZ.
7. R1 has SPI Firewall Enabled, PPTP Pass-through:Enable, L2TP Pass-through:Enable & IPSec Pass-through:Enable
8. R1 gets a dynamic IP from my ISP.
9. NAT, Hardware NAT and Firewall are disabled on R2.
OK, so for the last year the IP I was dynamically assigned by my ISP was in a segment A.B.C.20 netmask 255.255.255.0 and I was able to connect R2 using L2TP and PPTP to my office's VPN.
As of 3 days ago my ISP assigned me a new dynamic IP address in the A.B.D.166 network with netmask 255.255.240.0 and since then the VPN connection can not be established. R1 still assigns R2 the correct internal IP, and no configuration has changed, at least not in my settings. I checked the ISP's A.B.D.166 IP and it is not blacklisted, and if I input my L2TP or PPTP credentials on R1, R1 does connect to the office's VPN with out problem, but I am left with no internet here at home.
I thought that the router might be broken or something, so I switched R1 with R2 and all the configurations and get the same results, and both can connect if they are not cascaded. Both routers have the latest firmware.
I also tried with a dlink dir-855 and a dlink dir-655 which I had laying around, and the same, when set up as R1 they can connect to either ISP or Office's VPN, but when cascaded they don't connect.
Please, this is driving me insane... I don't know what else to do, but I'll try anything.
Could it be something with the ISP's new IP? But if that is the case, why is it letting me connect to my office's VPN thru Router 1.
I doubt that the DMZ is not working on 4 different routers. I've opened up both UDP and TCP ports 1723, 500, 4500, 1701, etc for L2TP and PPTP to work as well (just in case)
I've even tried using Russian L2TP and Russian PPTP with the same results (and BTW, if someone could explain the difference between the regular tunnels and the russian ones, I would also appreciate it).
PLEASE! Any ideas and or suggestions are welcomed, and thank you in advance for your help.
Alex