I have two router which connected with vpn. The router configuration like this
Router CORE
PUBLIC IP : 66.96.234.199/32
IP VPN : 172.1.23.1
Router Client
IP VPN : 172.1.23.33
I've port forward from router client to router core which that router have ip public. When i'm access Router Client with ip public + port that i've forward before, in /system active user show ip router core vpn. How can i get real address when access router client?. Sorry for my english
This is from my router client
Flags: R - radius, M - by-romon
You have to adjust SRC NAT rules. It’s hard to tell in what way because you didn’t post almost any details about configuration (both core router and client router configurations matter).
Is that supposed to be a private LAN address? If so, it betrays a common misunderstanding of RFC 1918, which is that all 172.* addresses are available. That isn’t the case. 172.0.0.0/12 belongs to AT&T. As long as you use their IP block on your private network, any time a DNS lookup resolves to one of their IPs, it’ll get eaten by your local network configuration.
If I’m right about this, you should renumber to something in the 172.16.x.y - 172.31.x.y space.
in /system active user show ip router core vpn.
Yes: you will indeed see an internal IP in that case. That’s the wrong level to expect to see a public IP address.
How can i get real address when access router client?.
172.1.23.0/24 is local vpn ip from router core to router client. When router client connect to router core, router client get ip 172.1.23.33 from vpn tunnel. Mkv tell to use src nat its right. But i dont know how to config src nat in both of router