Can't Get the L2TP Server to Work on the Omada ER8411 Router. Any Tips?

Just as the post title says, I have an ER8411 router. I have tried forwarding the L2TP UDP ports within the router itself, but I can’t get the L2TP VPN to work on any of my devices. I have set it up following TP-Link’s guide and have rebooted several times to no avail. I’ve made sure my public IP is correct as well.

Here are my settings. The 192.168.40.1/24 subnet is my VPN VLAN pool. I’ve tried changing the “Local Networks” setting to just the VPN IP Group, but that hasn’t helped either:

ER8411 L2TP VPN Server Settings

And here are the settings on my client device (iPhone):

iPhone L2TP VPN Settings

I have the OC300 controller and a dummy modem (that has no DMZ or port-forwarding capability) in front of the router that connects to Comcast via coaxial. I have created a VPN user and entered the correct information on my device. I’ve never had this issue with any other VPN on my line of internet, even from super cheap consumer routers. I get the following error when connecting with iPhone:

iPhone L2TP VPN

I’ve tried remaking the configuration, remaking everything, rebooting the router (even a hard restart) and rebooting the rest of the system. Nothing has worked. Any tips?

Just an update: I tried hosting a separate VPN server locally on another non-Omada device, and it worked once, and then never again. There’s just no connection. Even if I open all ports and disable the firewall entirely, it still does nothing.

Despite my port-forwarding rules still being enabled, the Omada router has decided to close them after the first time I connected, and no port scanner has shown that they are open on any protocol.

Also, in case anyone wants to know, I’m NOT behind a CGNAT.

You have to enable Require Strong Authentication on UniFi L2TP server…

I have an ER605 and was able to set up L2TP without any port forwarding or firewall changes.

Despite ACL and mDNS problems with TP-Link, I had no issues with VPN setup.

Are you able to VPN onto the “main LAN” IP range? Try that. Maybe an ACL rule somewhere is messing with your VPN connection.

I’ve tried making the IP pool be the main LAN, and every other VLAN in my network, as well as assigning it to a subnet with no pool or VLAN attached. No luck with any of them, it just doesn’t connect to the router. This seems to be a widespread issue on the ER8411, crickets from TP-Link…

Here are my screenshots - is it possible a typo or a space somewhere in a key or account or username? It was quite simple for me though I have the 605 not 8411 - here are my screenshots in case they help (connecting from Mac, but same settings on iPhone connect fine too).

I wasn’t able to get OpenVPN connected after a lot of trouble… which is why I went to basic L2TP.

https://imgur.com/a/dNj5SAC

Hmm, I’m starting to think this is just an issue on the ER8411. I posted the issue on the TP-Link forums and other owners were just like “yeah, nothing works on the ER8411 right now”.

This actually still isn’t fixed lol, if you can believe it. TP-Link is hot garbage.

Yes, I bought the “premium” product on purpose, as we use a lot of fiber cables. However, so far it is not convincing.

I will try to configure a PPTP-VPN and hope that one works out.

I use WireGuard now and it works.

Not working as well. Has anyone tried with an ER605 to determine if it really is the ER8411 causing the issues?

I know this post is old, but I am having the same issues with my ER605. Did this ever get resolved?