Keithb

join:2003-09-16
US

Forward ports to VPN client for Camera app

I have a pc on a corporate network that has a constant PPTP VPN connection to the router on the edge of our wireless network. On this pc I installed some security camera software that has a remote app. What I am trying to accomplish is forward 2 ports to this pc from the edge router to be able to access this from the outside world via an app. Since using the VPN, the Mikrotik is my gateway instead of my network router.

So in RouterOS I am unable to forward the ports to this specific IP which I believe has to do with the VPN connection.

PPP server on WAN port which has public IP of 8.xx.xx.xxx. PPP clients receive local IPs of 10.10.30.xx.

Is there something special that needs to be done when dealing with forwarding ports through a PPP connection?


gunther_01
Premium
join:2004-03-29
Saybrook, IL

Confused on which router is the one that needs configured. The edge, or the MT? I hate to ask, but why does a PC within a corporate network, have a VPN connection to their ISP's head end router anyway?

But in any case you should be able to forward ports on the router that is in charge of the VPN and/or any other routers ahead of that one.
--
»www.wirelessdatanet.net


Keithb

join:2003-09-16
US

Sorry, that may have been a little confusing. The edge router is the Mikrotik router in question.

PC/VPN ----> Sonicwall ---> Edge Router/VPN Server

The pc with VPN is the pc that has the camera software. I tried rules on the Edge router with no luck, and I'm not sure why. Not sure if I should choose the PPTP interface in the rule, or the IP of the VPN client, etc. These firewall rules always kick my butt.


gunther_01
Premium
join:2004-03-29
Saybrook, IL
reply to Keithb

As simple as it may be. You would def want to have your forward rules ahead of the masq or other rules for that customer's IP rules. I'm not sure which interface you would use honestly.

Also check the flow charts for MT. There may be a method that has to be used in order for it to work accordingly. Sometimes with NAT and other rules, things don't happen in the order we think they do. The flow charts help show us where they do happen and what to work on instead. Like pre or post routing, and interface rules, etc.

This is foreign to me. Just some ideas. Sorry
--
»www.wirelessdatanet.net


Keithb

join:2003-09-16
US

Thanks. I added this rule ahead of the masquerade.

0 chain=dstnat action=dst-nat to-addresses=10.10.30.198 to-ports=4010-4011 protocol=tcp in-interface=wan dst-port=4010-4011

with no luck. The to-address is received from the PPTP server.


gunther_01
Premium
join:2004-03-29
Saybrook, IL

And you aren't doing any 1:1 for this customer either? Is it possible the SonicWall is blocking this traffic? Those things have some neat built in features to prevent malware and such (if enabled). It may think your "stream" is a virus...

Depending on configuration on the PC, the PC could be sending that stream out the wrong direction. There are options to have all traffic pass through the VPN client, or via other gateways. You may want to check that also.

But just to be clear, the PC IS able to ping the VPN server properly, and traffic IS going over that VPN and not normal IP means back to your head end? That set up is just strange to me in general to be frank.
--
»www.wirelessdatanet.net


Keithb

join:2003-09-16
US

No 1:1 NAT. If the VPN is disconnected, the camera app works just fine through the SonicWall. After connecting the VPN, the camera app will not connect. It will ping the VPN server and a router behind that router via OSPF.

This pc actually hosts PRTG that monitors and graphs load for our Wireless ISP but is a regular desktop for a corporate user on our corporate LAN. The VPN is required to connect into the Wireless network in order to use PRTG. ISP is not our primary business and PRTG was installed on this pc a great while ago and just never got moved to a different pc.


Keithb

join:2003-09-16
US
reply to gunther_01

I believe I have it figured out. The NAT apparently did work, but the configuration within the app kept defaulting elsewhere. Thanks for sticking in there with me.


gunther_01
Premium
join:2004-03-29
Saybrook, IL
reply to Keithb

Good to hear. I follow you on your configuration now also. I just couldn't wrap my head around why until you explained it. I use PRTG also. Nice program when they don't slow it down with AJAX.
--
»www.wirelessdatanet.net


Keithb

join:2003-09-16
US

Well, it worked for a bit and something changed. I ended up disabling the 'use default gateway on remote network' on the Windows VPN client and it uses the SonicWall as the gateway instead of the Mikrotik router. All works now.
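
Added example, not part of the thread: a small route-lookup model of the camera PC showing why each port forward only works with one setting of 'use default gateway on remote network'. The LAN subnet, route metrics and the outside viewer address are constructed, and it assumes the Mikrotik does not also source-NAT the forwarded connections.

```python
import ipaddress

# Constructed addressing (assumptions): corporate LAN 192.168.1.0/24 behind the
# SonicWall; the PPTP tunnel hands out 10.10.30.x as quoted in the thread.
def client_routes(vpn_default_gateway):
    """Route table of the camera PC as (network, interface, metric) tuples."""
    net = ipaddress.ip_network
    routes = [
        (net("0.0.0.0/0"), "lan", 25),        # default route via the SonicWall
        (net("192.168.1.0/24"), "lan", 25),   # on-link corporate LAN
    ]
    if vpn_default_gateway:
        # Option ticked: the tunnel installs a preferred default route.
        routes.append((net("0.0.0.0/0"), "vpn", 1))
    else:
        # Option cleared: only the tunnel's own network is routed through it.
        routes.append((net("10.0.0.0/8"), "vpn", 1))
    return routes

def lookup(routes, dst):
    """Longest-prefix match; the lowest metric breaks ties."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))[1]

def reply_path(ingress, remote_ip, vpn_default_gateway):
    """Return (egress interface, True if the reply leaves the way the request came in)."""
    egress = lookup(client_routes(vpn_default_gateway), remote_ip)
    return egress, egress == ingress

def matrix(remote_ip="203.0.113.50"):   # constructed outside viewer (TEST-NET-3)
    """Check both forwarding paths against both settings of the VPN option."""
    result = {}
    for forwarder, ingress in (("mikrotik dst-nat", "vpn"), ("sonicwall forward", "lan")):
        for gw in (True, False):
            result[(forwarder, gw)] = reply_path(ingress, remote_ip, gw)
    return result

if __name__ == "__main__":
    for (forwarder, gw), (egress, ok) in matrix().items():
        state = "symmetric" if ok else "ASYMMETRIC, reply leaves the other way"
        print(f"{forwarder:18} vpn-default-gw={gw!s:5} reply via {egress}: {state}")
```

An asymmetric row means the reply reaches a stateful NAT device that never saw the request, so the connection fails even though the forward rule itself matched.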