VPN Router Issues

[Mkfish]

Hi guys I have a BrightBox2 set up as my "primary" router which acts as the gateway to the internet for all of the devices in my house.

Now on the same Local Network I have a second router configured as an acess point which is an Asus DSL-N66U operating a PPPTP VPN Server.

 

DHCP is handled by the primary router (BrightBox2) (FYI the built in modem in this router has faster fibre speeds than the modem in the Asus for some reason, hence this configuration)

I can connect to the internet via the ASUS Wifi or Asus LAN ports which routes me through to the internet no problem, but when I try and use the VPN server on the Asus router from outside the LAN I can never establish a connection.

 

I tried placing the slave(Asus) in a DMZ to make sure it wasn't a port forward issue but it made no difference

Does anyone know what I'm doing wrong here?

 

 

[brwainer]

Is the DSL-N66U properly in AP mode, or is DHCP disabled and the two routers are connected LAN port to LAN port? My initial ideas are a) that the ASUS may not support VPN connections coming in on what it sees as it's LAN ports and/or LAN IP, b ) that normally the pptp server server has to also do the DHCP for the remotely connected clients, they can't get their IP address from another device on the network, c) have you made sure that in the Brightbox2 config, and VPN passthrough features are enabled, regardless of the DMZ status of the asus? PPTP actually uses the GRE protocal in addition to PPTP, and just placing the Asus in the DMZ may not account for that. The true solution is to set up the port forwarding for the TCP sode of PPTP manually instead of using DMZ, and make sure that the VPN passthrough is enabled. The VPN passthrough works by detecting the TCP VPN traffic, and then asjusting the firewall/NAT to allow the GRE traffic.

[Mkfish]

Is the DSL-N66U properly in AP mode, or is DHCP disabled and the two routers are connected LAN port to LAN port? My initial ideas are a) that the ASUS may not support VPN connections coming in on what it sees as it's LAN ports and/or LAN IP, b ) that normally the pptp server server has to also do the DHCP for the remotely connected clients, they can't get their IP address from another device on the network, c) have you made sure that in the Brightbox2 config, and VPN passthrough features are enabled, regardless of the DMZ status of the asus? PPTP actually uses the GRE protocal in addition to PPTP, and just placing the Asus in the DMZ may not account for that. The true solution is to set up the port forwarding for the TCP sode of PPTP manually instead of using DMZ, and make sure that the VPN passthrough is enabled. The VPN passthrough works by detecting the TCP VPN traffic, and then asjusting the firewall/NAT to allow the GRE traffic.

Basically the N66U is connected via lan port so I supsect you are right about the N66U not detecting VPN connections via a LAN connection.

Thanks so much you've given me a big insight into what is going wrong here. I think the problem is that the BrightBox2 has no options for VPN passthrough, so I doubt that it's capable of performing such a task. And I don't think just port forwarding will be enough as you mentioned the VPN server needs the local DHCP server to assign the IPs and can't rely on the BrightBox2 to assign vpn IP's

I think I'm just going to have to switch them back around (which is my preffered configuration anyway) and get some purpose built wireless repeaters instead of trying to repurpose an ISP's router.. which obviously they don't want to facilitate to you easily..