VPN Router under another router

joaco1993

Lifetime Supporting Member
J
Join Date
Sep 2014
Location
newyork
Posts
237
Hi everyone, i would like to know if this setup is possible and make sense.

The current architecture is the one in the picture but without the ROUTER2. The reason i want to add a second router is because i want to put a vpn server which is built in the router2.

The easiest way would be to remove router1 and just put router2 in the place of router1 and that would work right away..

But i dont want to change anything existing, so my question is if this setup is possible ?? I migh have to add static routing ?? open ports in router 1 ?? im a bit lost and dont know if its possible and if it makes sense.

The purpouse of the second router is just to have the vpn server. nothing else.. DHCP will be disable, etc.

Thanks!

IMG-3373.jpg
 
is the vpn for the PCs behind the existing router to access some other resource on the internet, or is the vpn for hosts out in the internet to have access to the LAN side of the existing router?
 
drbitboy said:
is the vpn for the PCs behind the existing router to access some other resource on the internet, or is the vpn for hosts out in the internet to have access to the LAN side of the existing router?
Click to expand...

Hi Drbitboy,

The purpouse of the vpn server is to access remotely to the PC1, PC2, PC3
 
The easiest way to do that is with a VPN rendezvous server. Your PC and the router both talk to a server in "the cloud", which handles the VPN connection. This avoids the necessity of static publicly addressable IPs for your router and the like.
 
It should be possible in principle.


I am pretty sure you will have to port-forward the VPN connection's ports to the existing router, because everything on 192.168.0.1 will be invisible to incoming connections from the Internet.


E.g. see these URLs; a bit of googling and reading should get you there.



https://www.google.com/search?client=firefox-b-1-d&q=setup+vpn+behind+firewall


https://community.spiceworks.com/topic/2204659-vpn-setup-behind-firewall


Also, here is my summary of how NAT works, which is the layer underneath port forwarding.


https://github.com/drbitboy/nat
 
drbitboy said:
It should be possible in principle.


I am pretty sure you will have to port-forward the VPN connection's ports to the existing router, because everything on 192.168.0.1 will be invisible to incoming connections from the Internet.


E.g. see these URLs; a bit of googling and reading should get you there.



https://www.google.com/search?client=firefox-b-1-d&q=setup+vpn+behind+firewall


https://community.spiceworks.com/topic/2204659-vpn-setup-behind-firewall


Also, here is my summary of how NAT works, which is the layer underneath port forwarding.


https://github.com/drbitboy/nat
Click to expand...

I have looked the info and it looks im in the right direction, however im attaching another picture.

Why i cant pint the router 2 from pc 1 ? if the wan port of router 2 has the ip 192.168.0.200 which is in the same net as PC1 ?

I have done routing in router 2 and i can ping router 1 from PC4..

I have port forward port 1732 which is the one PPTP vpn uses but wont work, i believe because of my first question that i cant ping router 2 from a device connected with router 1..

any suggestions ?

Thanks!

IMG-3379.jpg
 
What IP address is PC4 pinging?


What IP address is PC2 pinging?


The WAN port of router2 may not respond to pings from the WAN side.
 
drbitboy said:
What IP address is PC4 pinging?


What IP address is PC2 pinging?


The WAN port of router2 may not respond to pings from the WAN side.
Click to expand...

Hi,

PC2 is pinging the wan port 192.168.0.200 which is in the same subnet as PC2, why wouldnt respond if ip of pc2 is 192.168.0.105 ?

PC4 is pinging PC2 which ip is 192.168.0.105 and is being routed within router2. (this works ok)

Thanks!
 
joaco1993 said:
Hi,

PC2 is pinging the wan port 192.168.0.200 which is in the same subnet as PC2, why wouldnt respond if ip of pc2 is 192.168.0.105 ?

PC4 is pinging PC2 which ip is 192.168.0.105 and is being routed within router2. (this works ok)

Thanks!
Click to expand...




Can PC4 ping 192.168.0.200 i.e. the WAN IP of Router2?


Try [telnet 192.168.0.200 23] from a CMD.exe window on PC2.


If it times out, there is a problem, but that will probably not happen.


If it says [Connection refused], that is the same as a successful ping i.e. something was there but not LISTENing on port 23.


If it connects, then hit Control-] (I think) and then press q, then Enter; that is also the same as a successful ping.


I think those are the only possibilities, although Router2 could time out instead of refusing if it was set up that way, so if it times out, see if Router2 is listening on some other port e.g. 80 or 443.
 
Last edited:
drbitboy said:
Huh, maybe it's being clever by ignoring pings from the WAN side but allowing them from the LAN side.


Try the CMD.exe/telnet tests I added to my last post.
Click to expand...

which last post do you mean ?

EDIT: Sorry didnt saw the last post..
 
Last edited:
drbitboy said:
Can PC4 ping 192.168.0.200 i.e. the WAN IP of Router2?


Try [telnet 192.168.0.200 23] from a CMD.exe window on PC2.


If it times out, there is a problem, but that will probably not happen.


If it says [Connection refused], that is the same as a successful ping i.e. something was there but not LISTENing on port 23.


If it connects, then hit Control-] (I think) and then press q, then Enter; that is also the same as a successful ping.


I think those are the only possibilities, although Router2 could time out instead of refusing if it was set up that way, so if it times out, see if Router2 is listening on some other port e.g. 80 or 443.
Click to expand...

I tried all the telnets you suggest and in all of them it says cant open connection on port X , error in connection.
 

Similar Topics

A
Remote vpn router setup
I am trying to use setup a remote vpn router for external OEM connection. The thing I cannot wrap my head around is the gateway. We use the...
Replies
3
Views
275
lfe
L
H
Using prepaid SIM card for cell modem/VPN router
Have anyone done this? I don't see why this wouldn't work but I may be missing something too. Getting any recurring account opened is a pain...
Replies
6
Views
1,058
harryting
H
M
AB PLC/RSLinx to connect to Stridelinx VPN Router
I am trying to setup a remote connection to a compactlogix plc using a stridelinx vpn router. I currently have a cmore hmi working thru the vpn...
Replies
3
Views
2,041
MTPLCUSER
M
K
Need a good VPN router for remote connect to PLC
Hi guys! My company wants to start offering remote PLC support to our customers. Currently, we use software called LogMeIn, which we can...
2
Replies
18
Views
9,745
Ranjith
R
K
Router Requirements for VPN
I'm planning to setup a VPN connection to a customers PLC. I am trying to determine which router to buy (and budget for). My question is about...
Replies
12
Views
4,413
Klausbird
K
Back
Top Bottom