DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
VPN threesome
- heckilaci
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
21 Sep 2012 19:54 #73602
by heckilaci
VPN threesome was created by heckilaci
I have been thinking a lot about this, but non of my theoretical solutions have worked so far. Anybody has any ideas?
Here is the scenario:
Draytek 3100 at remote site, with remote LAN 192.168.2.0 behind it, connects to internet via 3G, but mobile provider provides non public IP, so Draytek 3100 sets up a LAN to LAN VPN with a Draytek 2920 in the office, with the office LAN 192.168.1.0 behind it.
It all works brilliantly, all office devices on 192.168.1.0 office LAN can see all remote devices on 192.168.2.0 remote LAN.
However, I want to allow TCP access for a third party to a device, say 192.168.2.10 on the remote LAN, but only on two ports, say 6000 and 6001.
Of course, if it was a device on the 192.168.1.0 office LAN, I could simply port forward the third party to that device, it being on the same subnet as the router/gateway. But it will not forward to 192.168.2.x, or if it does, nothing comes back.
I also tried to give the third party remote VPN access to the office LAN, in effect getting a 192.168.1.x IP address, but it still cannot access 192.168.2.x addresses. The furthest I got was the web interface of the remote Draytek 3100 router, but only when using the VPN routing address from the office router's routing table, which is a 192.168.1.x address. However, this seems to reach the remote router via a LAN port, as I could not do any port forwarding.
As you see, I have done some homework. Does anyone have any experience in this? Many many thanks for any support
Here is the scenario:
Draytek 3100
It all works brilliantly, all office devices on 192.168.1.0 office LAN can see all remote devices on 192.168.2.0 remote LAN.
However, I want to allow TCP access for a third party
Of course, if it was a device on the 192.168.1.0 office LAN, I could simply port forward the third party to that device, it being on the same subnet as the router/gateway. But it will not forward to 192.168.2.x, or if it does, nothing comes back.
I also tried to give the third party remote VPN access to the office LAN, in effect getting a 192.168.1.x IP address, but it still cannot access 192.168.2.x addresses. The furthest I got was the web interface of the remote Draytek 3100 router, but only when using the VPN routing address from the office router's routing table, which is a 192.168.1.x address. However, this seems to reach the remote router via a LAN port, as I could not do any port forwarding.
As you see, I have done some homework. Does anyone have any experience in this? Many many thanks for any support
Please Log in or Create an account to join the conversation.
- nealuk
- Offline
- Member
Less
More
- Posts: 465
- Thank you received: 0
27 Sep 2012 14:28 #73651
by nealuk
Replied by nealuk on topic Re: VPN threesome
Could you get a static wan IP for the 3G ? Would make things easier. Many providers supply them.
Regards, Neal
Regards, Neal
Please Log in or Create an account to join the conversation.
- sicon
- Offline
- Contributor
Less
More
- Posts: 642
- Thank you received: 0
02 Oct 2012 15:40 #73714
by sicon
Replied by sicon on topic Re: VPN threesome
Is the VPN PPTP? Is the routing correct on the Tables at both ends?
If they can ping accress each other then you should be able to do the same with the Port, you may have to create firewall rules and port forwarding though
If they can ping accress each other then you should be able to do the same with the Port, you may have to create firewall rules and port forwarding though
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek