Community discussions

MikroTik App
 
ekkas
Long time Member
Long time Member
Topic Author
Posts: 567
Joined: Mon Sep 26, 2005 1:01 pm
Location: South Africa

Double NATted VPN 'forward'

Fri Mar 05, 2010 11:26 am

ROS 4.6
I have a client that urgently need a VPN connection to their local network.

The thing is that we NAT our wireless network(to 10.0.0.0/8 range), and then each client site also has a Mikrotik that NAT their local LAN to 192.168.0.0/24

What they've done is to setup a Windows XP 'Allow incoming connections' setup, a crude VPN version.
What I've done so far:
On CPE:
Forwarded TCP port 1723 to LAN IP
Forwarded GRE protocol to the LAN IP

On our breakout router:
Forwarded TCP port 1723 to WLAN IP
Forwarded GRE protocol to the WLAN IP

From within our WLAN it seems to want to connect (they do not want to give username/password!) as it says username/password is incorrect, but from outside the network, it does not want to, just says connection cannot be established.

Please help to either fix the messy scenario as-is,
or, preferably,
Would there be an easier/better way to setup VPN on our breakout router that in some way connect directly to the client's LAN through it's NAT?

I hope this makes sense.

Ekkas

Who is online

Users browsing this forum: ACHim, Amazon [Bot], chrisk, DimoSK, RiStaR and 74 guests