× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
× Introducing the new Orbi 770 Series Mesh System. To learn more click here.
Orbi WiFi 7 RBE973
Reply

RBR50 as VPN server behind Cisco ECP3925

Twenty
Aspirant

RBR50 as VPN server behind Cisco ECP3925

Hello,

I need a little bit of help here: I have an Orbi RBR50 (fw vV2.3.5.30) connected to a router/model Cisco EPC3925. I would like to connect from Internet using a VPN client to my Orbi system set up as a VPN server, in order to navigate my home network from Internet (I am setting up a smart home). I followed https://kb.netgear.com/31489/How-do-I-use-VPN-on-my-Orbi-system-with-my-iOS-device and configured no-ip.com, but my iPhone with the OpenVPN setup cannot connect to my home network. Do I need to enable something on the Cisco modem to which my router is connected? I set it as "VPN Passthrough" with IPSec passthrough enabled, and PPTP passthrough enabled.

 

Any idea?

Model: RBR50|Orbi AC3000 Tri-band WiFi Router
Message 1 of 5
CrimpOn
Guru

Re: RBR50 as VPN server behind Cisco ECP3925

I see an issue: With the Cisco acting as a router, the Orbi "public" (WAN side) IP is actually a private IP assigned by the Cisco routerThe way DDNS works is that whenever the home router detects that the ISP has assigned a different public IP address, it contacts No-IP.com and updates the database to the new one.. My guess is when you look on No-IP.com, it will not show the Cisco IP public IP address, which is what is needed to find your home on the internet. 

 

The obvious way to set up VPN on the Orbi is to put the Cisco into "bridge" or "passthrough" mode, so that the public IP address assigned by the ISP is given to the Orbi.

 

Or, it could be that there is a VPN solution that can be implemented on the Cisco.  (Have no clue yes or no.)

Message 2 of 5
Twenty
Aspirant

Re: RBR50 as VPN server behind Cisco ECP3925

I think I solved my problem (finally), by setting my RBR50 as DMZ host IP address on my modem/router EPC3925. Is there any risk to do that, enabling attacks from Internet on my home network?

Message 3 of 5
CrimpOn
Guru

Re: RBR50 as VPN server behind Cisco ECP3925

Glad you discovered the DMZ.  (Usually, one of the "Guru's" on the forum will point notice when I have overlooked something.)

 

Having the DMZ point at the Orbi is one of the accepted methods of avoiding the "Double NAT" problem.  The Orbi is exposed the same way it would be if the Cisco were only a modem.

 

Good Luck!

Message 4 of 5
Twenty
Aspirant

Re: RBR50 as VPN server behind Cisco ECP3925

Thanks a lot for your message, and for having replied so fast. I actually tried DMZ at the same time as you posted your first reply. I left it at enabling DMZ, because I am not sure how to implement the passthrough solution on that sepcific Cisco modem/router. I will come back to your proposal if I meet a roadblock. Again, thanks a lot.

Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 1298 views
  • 1 kudo
  • 2 in conversation
Announcements

Orbi 770 Series