Improve company productivity with a Business Account.Sign Up

x
?
Solved

Opening ports from a router to the general network

Posted on 2011-03-09
7
Medium Priority
?
667 Views
Last Modified: 2012-05-11
Hi Guys,

We have a Dell laptop that connects via a Belkin F5D8635 router that doesn't appear to let the VPN function on the laptop to the remote office.
We have tried this in other locations (other homes, office etc) and it works fine so it is definatly down to the router.
We are going to open the PPTP ports on it (which are under the virtual servers options) but it specifies that you need to put the LAN ip of the target (the laptop) to router the port to.
My question is what if i want to just 'allow' this port through to the internal network and not to a specific machine ? it does allow me to put in 192.168.0.0 as the IP but i'm not confident this is doing what i think.
0
Comment
Question by:Netexperts
  • 3
  • 3
7 Comments
 
LVL 40

Expert Comment

by:Aaron Tomosky
ID: 35084984
There should be a pptp an l2tp passthrough checkbox somewhere in the router settings. Port forwarding is not going to help you
0
 
LVL 1

Author Comment

by:Netexperts
ID: 35085024
There's no L2TP only PPTP which i think should suffice but i can't see anywhere (or in the manual) that there's a 'passthrough' option

Thanks
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35085953
Unfortunately, port forwarding to your entire internal network is not possible.  When a computer sends data to another computer on the internet, it needs to have a destination IP address that is unique to the computer that needs to receive the data.  But there aren't enough IP addresses to go around (not counting IPv6, which is irrelevant to the current discussion), so many private networks use workarounds to put many computers on a single public IP address.
Each computer on the private network still has its own private IP address (example:  192.168.0.137).  The router between the private network and the internet uses a procedure called Network Address Translation (NAT, although most technically use Port Address Translation - PAT - and call it NAT) to handle traffic between the private network and the internet.  Outgoing (from the private network to the internet) traffic is changed so that the sending IP is seen as the public IP address, and a source port number is used so that reply traffic can be routed to the correct private network computer by the router.  Incoming traffic is blocked, unless the destination port number is forwarded through the router to a particular computer.
So, you see, if a port in the router is "open" but not forwarded to a specific computer, then there is no way to identify a specific destination computer.  Even if you could get a router to forward a port without specifying a destination IP address, the router would have to either broadcast the incoming packet on the private network - in which case it would be ignored - or drop it, which is essentially equivalent to the port being closed.

(Sorry for the dissertation, but I thought it might help ... )

I looked up the manual for that Belkin router, and I didn't see any VPN passthrough options, but I did see a mention in the Troubleshooting section (page 80) about VPN connectivity being affected by the stability of the wireless connection.  Is your laptop connected by wireless, or wired?

Also, for my own clarification, are you trying to connect a VPN from the laptop to somewhere else, or from somewhere else to the laptop?  Could make a big difference ...

hth!
:)
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
LVL 1

Author Comment

by:Netexperts
ID: 35086196
Thanks, that does clarify things a bit.The laptops wired in and it's from the laptop to our office.
I didn't see anything about VPN passthrough either but it does say it's capable of handling VPN but doesn't say how
0
 
LVL 10

Accepted Solution

by:
TekServer earned 1000 total points
ID: 35086327
Most home routers will pass outgoing VPN traffic without any configuration change; some have a simple checkbox to "Enable VPN Passthrough" (typically Linksys routers).

You shouldn't need any port forwarding set (incoming replies to previous outbound traffic should automatically be routed correctly), and - apparently - there is no setup required for outbound VPN traffic for this Belkin router.

Hmm, that gives me an idea ... (Googling ... )

I found a firmware update that includes a fix for your issue specifically; maybe that will solve your problem.
Firmware Update

hth!
:)
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 35094250
That's great.
I haven't tried it yet but it does make sense and gives me enough to work with so that's good enough.

many Thanks
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35095556
Glad I could help!

:)
0

Featured Post

Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
This article is about building a site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question