NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

LangusIII's avatar
LangusIII
Follower
Oct 28, 2017

FVS318N VPN Setup behind NAT Modem

Hello guys,   I'd like to use my FVS318N router (fw4.3.5-3) as a VPN Server to acces my SOHO-LAN but given that it is behind a NAT Modem I couldn't yet. Which are the ports I have to forward on the...
Hardware
Security
Solutions
Troubleshooting
train_wreck's avatar
train_wreck
Luminary
Oct 31, 2017

The proper ports/protocols needed for IPsec VPN to pass through a NAT device (such as your front line NAT modem) are:

 

UDP ports 500 and 4500

Protocol ESP (protocol number 50)

 

That said, I agree with DaneA's recommendation to just put the modem into DMZ mode (sometimes called "passthrough" or "bridge" mode) and run the FVS318N directly exposed. It's a firewall, it was designed to do exactly that. It will provide adequate security (at least until its internal software gets too old; Netgear end-of-lifed all the FVS VPN firewalls last month, so there will be no future security updates).

 

Doing this also avoids you being in what's called a "double NAT" situation, which can wreck havok on performance and reliability for certain protocols. Not to mention, the 318N is almost certainly more powerful of a NAT engine than the modem.

 

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More