VPN setup behind a NAT router

By ychang ·
I want to set up a VPN server on a current Windows 2003 server with only one NIC installed. The LinkSys DSL router is programmed as a DHCP server for all local machines and act as a NAT. There is a VPN set up option inside the router but I don't know what's the relationship between VPN server and this router. Can anyone tell me how to set up this VPN server and router to allow remote VPN connection? Thanks

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -


by faradhi In reply to VPN setup behind a NAT ro ...

In the absence of knowing which router you are using, all we can do is explain NAT.

NAT allows the router to convert an external address to an internal address. In this case, the external VPN peer will create a connection to the router's external address. The Router will take that traffic and divert it to the internal VPN server. The internal server send traffic to the external peer's address. However when the packets pass through the router, the router will change source address in the packets to make them appear that they came from the router's external address. This way the external peer has no knowledge of the internal peer's address.

I hope this helps. If you need exact settings, I suggest that you post the make and model of the router you are using and someone might be able to give you specifics on how to set up the NAT correctly.

Collapse -

VPN setup behind NAT router

by ychang In reply to NAT

I am using LinkSys model-BEFSX41

Collapse -

consumer level routers

by CG IT In reply to VPN setup behind NAT rout ...

there's 2 ways to do this with a consumer level router.

A. enable PPTP pass through the firewall on the router. Forward TCP/IP port 1723 and GRE port 47 to the server.

B. enable the DMZ port [port 4 on the router] and connect the server to the DMZ port. Ensure that you have a firewall on the Server. create rules on the server firewall to allow TCP/IP port 1723 and GRE port 47 into the server. Configure RRAS on the server with a pool of addresses for remote clients. Configure authentication rules in RRAS.

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums