I have a VPN configured on a router (router model is bintec be.ip plus).
VPN Connections are successfully established by the clients using IKEv2 (router is reachable via DynDNS).
Router's local ip address is 192.168.73.1. One of the local device's ip address is 192.168.73.150.
The problem is: sometimes the devices in the local network cannot be reached by the VPN clients. E.g. a ping fails:
> ping 192.168.73.150
PING 192.168.73.150 (192.168.73.150): 56 data bytes
Request timeout for icmp_seq 0
The router itself is always reachable by the clients:
> ping 192.168.73.1
PING 192.168.73.1 (192.168.73.1): 56 data bytes
64 bytes from 192.168.73.1: icmp_seq=0 ttl=63 time=83.713 ms
And the local device is always reachable by the router:
> ping 192.168.73.150
PING 192.168.73.150: 64 data bytes
64 bytes from 192.168.73.150: icmp_seq=0. time=0.569 ms
As it only sometimes fails I doubt it's a firewall issue.
As the ping packets from the router to the device succeeds I doubt it's a local network issue.
I suspect some kind of routing issue but have absolutely no idea how to proceed with the problem.
Any ideas how to investigate further?
Best Answer
I finally found it out.
The DHCP address pool von VPN clients is 192.168.73.201-192.168.73.220.
But there is a local device which has a static IP 192.168.73.201, configured on the device itself.
The first VPN client logging in gets the IP address 192.168.73.201 from DHCP which causes a conflict as the address is already in use.
My mistake. Thanks for helping me!