VPN with NAT to one local host only

Hi,
I need some help as I’m lost in VPN/NAT problems:

Here’s what I want to do:
I want to enable several people to access a server in my LAN, via PPP or IPSec.

Sounds easy, but it’s a bit more complicated, here are the problems:

  • The LAN uses public IPs, my RouterBoard box is doing the routing and filtering.
  • I don’t have many IP addresses left, so the VPN needs to use private addresses.
  • The host to be accessed has a public IP address.
  • The VPN should give access to one specific host.
  • The host in question is not connected to a dedicated interface on the RouterBoard box.

So, well, maybe someone could give me a few hints on how to achieve this.

See you
Flo

This shouldn’t be too difficult to achieve. Just follow one of the guides on setting up a VPN with an IP pool on MT. From there, you would simply create some firewall rules to only allow the VPN users to access that one specific IP.

The public/private IP thing shouldn’t pose an issue since your MT will know about both networks/subnets and will be able to route traffic accordingly. You just need to make sure (obviously) that your VPN interface is on a publicly accessible IP address so that outside users can actually reach it to dial in.
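
The setup the reply describes, written out as RouterOS commands. This is an added example, not part of the original thread; the pool range, server address, profile name and user name are constructed placeholders, and enabling the VPN server itself is left to whichever guide you follow.

```routeros
# Constructed placeholder values, not from the thread:
#   10.99.0.0/24  private range handed to VPN clients
#   203.0.113.10  the one LAN server (public IP) VPN users may reach

# Private pool so VPN clients do not consume public addresses
/ip pool add name=vpn-pool ranges=10.99.0.10-10.99.0.50

# PPP profile: router end of the tunnel plus client addresses from the pool
/ppp profile add name=vpn-hostonly local-address=10.99.0.1 remote-address=vpn-pool

# One account per person, bound to the restricted profile
/ppp secret add name=user1 password=CHANGE-ME profile=vpn-hostonly

/ip firewall filter
# Allow VPN clients to reach the single permitted server
add chain=forward src-address=10.99.0.0/24 dst-address=203.0.113.10 action=accept comment="VPN to permitted host"
# Drop everything else VPN clients try to route through the box
add chain=forward src-address=10.99.0.0/24 action=drop comment="VPN to anything else"
# Keep VPN clients off the router's own services
add chain=input src-address=10.99.0.0/24 action=drop comment="VPN to router"
```

Filter rules are evaluated top to bottom, so these must sit above any broader accept rule in the same chain. Replies from the server are not affected by the drop rules, because their source address is the server rather than the VPN range.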