can I NAT a L2TP server?

David1234 · January 6, 2019, 11:23am

Hello ,
wanted to know
can I “route” a l2tp request?
I have a server on x.x.x.x
I want to router the request and make them connect to another L2TP server at y.y.y.y(with the same user\password) - which already excicte in the second reouter

can I do this?

the reason is - I need to shut down my L2TP server , and change my IP - so I want all the clients to connect to the new one(at least at first )

Thanks,

CZFan · January 6, 2019, 11:28am

Yes, use port forwarding (Destination NAT) to point to new server / ip

David1234 · January 6, 2019, 11:35am

I have try this
but still not working

do I need to turn off the l2tp server option in the first server to make this work?

this is what I have in the firewall

add action=dst-nat chain=dstnat dst-port=1701 in-interface=Wan protocol=udp to-addresses=1.1.1.1 to-ports=1701

CZFan · January 6, 2019, 12:07pm

Are you using IPSec? If so, forward ports 500, 1701 & 4500

Also remember to open these ports in firewall of destination device

David1234 · January 6, 2019, 12:13pm

No , I’m not using IPSec , only L2TP port which is udp-1701
I have check and everytihng is open in the second server , I can connect to it using l2tp client (so it’s working)
I think my problem is in the outgoing (from server1 to server 2 on the udp port)
I can see the NAT rule increase on the 1sr server , but I don’t see the accpet rule in 2nd server increase - so I will check this

meanwhile :
can I make only 1 clients to connect to the new l2tp server and all other not to nat all of them ?
make some rule like:
“if lt2p user name is “david” then NAT to y.y.y.y” ?

Thanks,