I faced up with a problem, to publish service on server from remote office branch, connected via VPN IPsec (SRX5308<->FVS318G) with main office network, on central router SRX5308.
Does anyone try such configuration?
Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
a. As I have understand your initial post, you wanted to access the server from the remote office through the VPN tunnel, am I correct? If yes, then port forwarding is not needed because the connection is via the VPN tunnel.
b. Is the VPN connection (SRX5308<->FVS318G) working fine before?
c. Are you able to get replies when you ping the LAN IP address of the server from the remote office via the VPN tunnel?
I just want to verify. From the diagram you have posted, there is a broken line from the remote user to the SRX5308. Does it mean that there is a client-to-box VPN between the remote user and the SRX5308?
What if you configure a client-to-box VPN between the remote user and the FVS318G so that you could give the remote user access to the server. I believe this is possible.
There is no vpn connection between remote system amd SRX5308, I need to use port forwarding in order to provide access to the servewr in remote location.
Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
The remote system you are referring to, is it directly connected to the SRX5308? If ever its directly connected, why not just use the VPN tunnel between the SRX5308 and the FVS318G.
Since the remote system is a computer being used during travels, then I suggest you to configure a client-to-box VPN between the remote system and the FVS318G so that the remote system could access the server wherever it goes. However, bear in mind that the LAN IP Address on the remote system varies from time to time because you will connect it to different networks as you travel (for example: internet cafe, hotel WiFi network, etc.). Because of this, be aware that the LAN IP Address of the remote system should be different from the LAN IP Address of the server that is connected to the FVS318G so that you could establish a VPN tunnel.
I just want to follow-up on this. Were you able to try to configure a client-to-box VPN between the remote system and the FVS318G?
You may want to try to install the latest NETGEAR VPN Client Professional which the version 6.40.004 on the remote system PC. You may download it here. Be reminded that you will need to purchase a license key to continue using it after the 30-day trial period. You may purchase the license key to any NETGEAR Authorized Reseller.
Kindly access the article below on how to configure client-to-box VPN as reference guide:
I am aware about such opportunity, but I need to use port forwarding on main srx5308, and I suppouse that routing table is a key point in this problem.
Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
As a follow-up on this, it is not really possible to implement what you want just by using port forwarding on the SRX5308. Port forwarding will only allow a service or set of services to be accessible from the remote PC to the SRX5308 and it's LAN, but not onto the FVS318G.
Configuring a client-to-box VPN between the remote PC and the FVS318G would be advisable to do. Alternatively, you may configure port forwarding on the FVS318G so the remote PC can go directly to the FVS318G.
We’d greatly appreciate hearing your feedback letting us know if the information I’ve provided has helped resolve your concern or if you need further assistance.
If ever your concern has been resolved, I encourage you to mark the appropriate reply as the “Accepted Solution” so others can be confident in benefiting from the solution. The NETGEAR Community looks forward to hearing from you and being a helpful resource in the future!
