F5F Stay Refreshed Power Users Networks Assistance with VPN routing for one-to-one native connections

Assistance with VPN routing for one-to-one native connections

Assistance with VPN routing for one-to-one native connections

K
KingJjpr
Member
Find
214
04-20-2016, 10:14 AM
#1
Background: VPN server running at home. Access it from my phone externally and obtain a static IP (10.10.100.101). Need to establish a direct nat connection between the VPN server and my LAN so I can apply IP rules. Plan is to route traffic from 10.10.100.0 internally. Intended to set up a 1:1 nat between 10.10.100.0 and 10.10.101.0, giving each VPN device its own LAN IP for management. Experienced delays getting it working correctly. Checked router logs and noticed an IPv4 source from 157.240.8.13 on 10.10.101.101 via eth0. Investigated and think my IPtables on the VPN server aren’t updating source IPs, causing requests from my phone to appear as if they’re coming from 10.10.101.0. When the response arrives, that network doesn’t exist, so it can’t be routed. Is this correct? And what should I do to fix it or adjust the setup? Thanks ahead.
Reply
Reply
K
KingJjpr
04-20-2016, 10:14 AM #1

Background: VPN server running at home. Access it from my phone externally and obtain a static IP (10.10.100.101). Need to establish a direct nat connection between the VPN server and my LAN so I can apply IP rules. Plan is to route traffic from 10.10.100.0 internally. Intended to set up a 1:1 nat between 10.10.100.0 and 10.10.101.0, giving each VPN device its own LAN IP for management. Experienced delays getting it working correctly. Checked router logs and noticed an IPv4 source from 157.240.8.13 on 10.10.101.101 via eth0. Investigated and think my IPtables on the VPN server aren’t updating source IPs, causing requests from my phone to appear as if they’re coming from 10.10.101.0. When the response arrives, that network doesn’t exist, so it can’t be routed. Is this correct? And what should I do to fix it or adjust the setup? Thanks ahead.

Reply
Reply
S
SnowmanKids
Junior Member
Find
15
04-22-2016, 08:27 AM
#2
Many of these details are unclear. You may need to set up a route in your router so that traffic destined for the 10.10.101.0 network connects to your local VPN server's IP address.
Reply
Reply
S
SnowmanKids
04-22-2016, 08:27 AM #2

Many of these details are unclear. You may need to set up a route in your router so that traffic destined for the 10.10.101.0 network connects to your local VPN server's IP address.

Reply
Reply
F
FuzzyMug
Senior Member
Find
476
04-22-2016, 01:48 PM
#3
I thought the 1:1 nat on the VPN server would switch from 101 to 100, ensuring the core router processes only 100 traffic and responds to that amount.
Reply
Reply
F
FuzzyMug
04-22-2016, 01:48 PM #3

I thought the 1:1 nat on the VPN server would switch from 101 to 100, ensuring the core router processes only 100 traffic and responds to that amount.

Reply
Reply
G
geabaars09
Junior Member
Find
23
04-22-2016, 04:35 PM
#4
I was discussing routing, but a one-to-one NAT would handle that. Sadly I’m not very comfortable with 1:1 NAT.
Reply
Reply
G
geabaars09
04-22-2016, 04:35 PM #4

I was discussing routing, but a one-to-one NAT would handle that. Sadly I’m not very comfortable with 1:1 NAT.

Reply
Reply