Solved

Opening ports from a router to the general network

Posted on 2011-03-09
7
659 Views
Last Modified: 2012-05-11
Hi Guys,

We have a Dell laptop that connects via a Belkin F5D8635 router that doesn't appear to let the VPN function on the laptop to the remote office.
We have tried this in other locations (other homes, office etc) and it works fine so it is definatly down to the router.
We are going to open the PPTP ports on it (which are under the virtual servers options) but it specifies that you need to put the LAN ip of the target (the laptop) to router the port to.
My question is what if i want to just 'allow' this port through to the internal network and not to a specific machine ? it does allow me to put in 192.168.0.0 as the IP but i'm not confident this is doing what i think.
0
Comment
Question by:Netexperts
  • 3
  • 3
7 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35084984
There should be a pptp an l2tp passthrough checkbox somewhere in the router settings. Port forwarding is not going to help you
0
 
LVL 1

Author Comment

by:Netexperts
ID: 35085024
There's no L2TP only PPTP which i think should suffice but i can't see anywhere (or in the manual) that there's a 'passthrough' option

Thanks
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35085953
Unfortunately, port forwarding to your entire internal network is not possible.  When a computer sends data to another computer on the internet, it needs to have a destination IP address that is unique to the computer that needs to receive the data.  But there aren't enough IP addresses to go around (not counting IPv6, which is irrelevant to the current discussion), so many private networks use workarounds to put many computers on a single public IP address.
Each computer on the private network still has its own private IP address (example:  192.168.0.137).  The router between the private network and the internet uses a procedure called Network Address Translation (NAT, although most technically use Port Address Translation - PAT - and call it NAT) to handle traffic between the private network and the internet.  Outgoing (from the private network to the internet) traffic is changed so that the sending IP is seen as the public IP address, and a source port number is used so that reply traffic can be routed to the correct private network computer by the router.  Incoming traffic is blocked, unless the destination port number is forwarded through the router to a particular computer.
So, you see, if a port in the router is "open" but not forwarded to a specific computer, then there is no way to identify a specific destination computer.  Even if you could get a router to forward a port without specifying a destination IP address, the router would have to either broadcast the incoming packet on the private network - in which case it would be ignored - or drop it, which is essentially equivalent to the port being closed.

(Sorry for the dissertation, but I thought it might help ... )

I looked up the manual for that Belkin router, and I didn't see any VPN passthrough options, but I did see a mention in the Troubleshooting section (page 80) about VPN connectivity being affected by the stability of the wireless connection.  Is your laptop connected by wireless, or wired?

Also, for my own clarification, are you trying to connect a VPN from the laptop to somewhere else, or from somewhere else to the laptop?  Could make a big difference ...

hth!
:)
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:Netexperts
ID: 35086196
Thanks, that does clarify things a bit.The laptops wired in and it's from the laptop to our office.
I didn't see anything about VPN passthrough either but it does say it's capable of handling VPN but doesn't say how
0
 
LVL 10

Accepted Solution

by:
TekServer earned 250 total points
ID: 35086327
Most home routers will pass outgoing VPN traffic without any configuration change; some have a simple checkbox to "Enable VPN Passthrough" (typically Linksys routers).

You shouldn't need any port forwarding set (incoming replies to previous outbound traffic should automatically be routed correctly), and - apparently - there is no setup required for outbound VPN traffic for this Belkin router.

Hmm, that gives me an idea ... (Googling ... )

I found a firmware update that includes a fix for your issue specifically; maybe that will solve your problem.
Firmware Update

hth!
:)
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 35094250
That's great.
I haven't tried it yet but it does make sense and gives me enough to work with so that's good enough.

many Thanks
0
 
LVL 10

Expert Comment

by:TekServer
ID: 35095556
Glad I could help!

:)
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question