wvk
Aspirant
Dec 04, 2016
Solved

allow connection to L2TP VPN server in network (enable ESP protocol)

I have a server in my network (Apple Mac Mini), which has an L2TP VPN server running.

My old router had forwarded these UDP ports to that VPN server: 500, 1701 and 4500.

And: the IP-ESP protocol, which is IP protocol 50; ESP.

This worked fine.

 

In the new situation, the Orbi (RBK50, firmware 1.4.0.16) sits behind the router, as an exposed host.

The UDP ports (500,1701,4500) have been forwarded to the VPN server.

I am not able to forward the ESP protocol?

 

When making a connection from the client, the connection times out.

I do not see messages in the Orbi log.

 

Any suggestions?

 

Details about the Apple instructions:

https://discussions.apple.com/thread/3142791?tstart=0

 

I checked:

http://kb.netgear.com/966/Troubleshooting-VPN-passthrough-for-home-routers

(and to test I enabled "respond to ping on internet port")

 

I do not want to use the Orbi VPN server (openvpn).

  • hi

    when you say the orbi sits behind another router, is the orbi still running in router mode as well? if so, you have dual wan

    to avoid the dual wan, either put the orbi in AP mode or bridge the upstream router

    or just connect the vpn server to the upstream router and not the orbi

    you can port forward through 2 routers but it's a pain in the ass

    here is a guide to forward through 2 routers

    https://portforward.com/help/doublerouterportforwarding.htm


    • wvk
      Aspirant

      My setup:

      internet --> FritzBox router --> Orbi --> LAN

       

      Yes, the Orbi was still in router mode. 

      I had disabled DHCP on the Fritzbox router, and set up the Orbi as an exposed host.

      Basically, making the Fritzbox as "dumb" as possible, and giving the Orbi all the router responsibilities.

       

      Good point about switching to AP mode. This is an acceptable workaround for now.

       

      Would still be interested in knowing how to solve it in router mode: port forward the ESP protocol.

       


      • wvk wrote:

        My setup:

        internet --> FritzBox router --> Orbi --> LAN

         

        Yes, the Orbi was still in router mode. 

        I had disabled DHCP on the Fritzbox router, and set up the Orbi as an exposed host.

        Basically, making the Fritzbox as "dumb" as possible, and giving the Orbi all the router responsibilities.

         

        Good point about switching to AP mode. This is an acceptable workaround for now.

         

        Would still be interested in knowing how to solve it in router mode: port forward the ESP protocol.

         


        you would need to follow the guide I posted above, as even though you disabled the dhcp in the fritz it's still doing nat, and thus anything behind the orbi would be in dual nat and require anything and everything to be port forwarded twice as per the link

        however, as suggested, if you connected the vpn server to the fritz you would just forward it on it; the downside there is anything connected to the fritz would not be able to see things connected to the orbi

        the issue with dmz on most domestic routers is it doesn't live on the outside of the NAT like commercial stuff does. also be aware if you port forward something you need to disable its UPnP, as otherwise they would clash

        you probably have far better access control with the fritz anyway, so leave it doing all the routing and just disable its wifi and let the orbi do the wifi and media bridge work in AP mode

        just note that in AP mode you cannot isolate guest wifi from the main wifi
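
An added example, not part of the thread: a small Python classifier that labels raw IPv4 packets captured on the VPN server by their role in an L2TP/IPsec session, so you can see which of the forwarded flows (UDP 500, 1701, 4500, IP protocol 50) actually arrive through both routers. It goes slightly beyond the thread by also separating the traffic that shares UDP 4500 under NAT traversal (RFC 3948). The packet builders, addresses and payloads are constructed sample data.

```python
import socket
import struct
from collections import Counter

ESP, UDP = 50, 17  # IP protocol numbers

def classify(pkt: bytes) -> str:
    """Label one raw IPv4 packet by its role in an L2TP/IPsec session."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (pkt[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20:
        return "not-ipv4"
    if pkt[9] == ESP:
        return "esp-native"              # needs IP protocol 50 passed through
    if pkt[9] != UDP or len(pkt) < ihl + 8:
        return "other"
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    payload = pkt[ihl + 8:]
    if 4500 in (sport, dport):
        if payload == b"\xff":
            return "natt-keepalive"      # one-byte NAT keepalive
        if payload[:4] == b"\x00" * 4:
            return "ike-natt"            # non-ESP marker, then IKE
        return "esp-in-udp"              # ESP carried inside UDP 4500
    if 500 in (sport, dport):
        return "ike"
    if 1701 in (sport, dport):
        return "l2tp"
    return "other"

def summarize(packets) -> Counter:
    """Count packets per class, e.g. to see whether any ESP arrived at all."""
    return Counter(classify(p) for p in packets)

# --- constructed sample packets (documentation addresses, dummy payloads) ---
def ipv4(proto: int, payload: bytes) -> bytes:
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, socket.inet_aton("203.0.113.7"),
                       socket.inet_aton("192.0.2.10")) + payload

def udp(sport: int, dport: int, data: bytes) -> bytes:
    return ipv4(UDP, struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data)

ESP_BODY = struct.pack("!II", 0xC0FFEE01, 1) + b"\x00" * 16  # SPI, seq, filler
SAMPLE = [udp(500, 500, b"\x11" * 28), udp(4500, 4500, b"\x00" * 4 + b"\x11" * 28),
          udp(4500, 4500, b"\xff"), udp(4500, 4500, ESP_BODY), ipv4(ESP, ESP_BODY)]

if __name__ == "__main__":
    print(dict(summarize(SAMPLE)))
```

If a capture shows `ike` packets but neither `esp-native` nor `esp-in-udp`, the key exchange is getting through while the encrypted tunnel traffic is being dropped somewhere along the path.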