In certain circumstances it may not be possible to implement port forwarding to a location where a network resource is to be reached, for example where no public IPv4 address is available (e.g. with dual-stack lite).
In a case like this, port forwarding can be realized via a VPN tunnel if the location has a VPN connection to another site that does have a public IPv4 address.
This document describes how to implement port forwarding through a VPN tunnel.
Please note that when using port forwarding, anyone can read unencrypted information as cleartext. LANCOM Systems recommends using an encrypted VPN connection when transferring important information.
1.3) Write the configuration back to the router. This concludes the configuration at the headquarters.
2) Configuring the VPN route on the router at the branch office:
Since communications are required with a party on the Internet, a default route must be created for the VPN connection.
2.1) Open the configuration of the router at the branch office and switch to the menu item IP router → Routing → IPv4 routing table.
Image Removed
Image Added
2.2) Mark the default route for the Internet connection and click Copy.
Image Removed
Image Added
2.3) Modify the following parameters:
Routing tag: Enter a routing tag not equal to 0, which has not yet been assigned elsewhere.
Router: From the drop-down menu, select the VPN remote for the headquarters.
IP masquerading: Set the radio button to IP masquerading switched off
Hinweis
The routing tag must not match any interface tag already stored under IPv4 → General → IP networks; otherwise the entire communication of this network takes will be routed through the VPN tunnel.