mr_first, 2022-03-21 15:35:21

2 L2TP servers behind NAT?

There are two NAS behind NAT, each running an L2TP/IPsec server. Inside the NAT, connections to the servers work without problems.
When connecting to one server with port forwarding set up in the firewall NAT chain (chain: dstnat … dst. port (1701, 4500, 500) … dst-nat … to ports (1701, 4500, 500)), the connection also works.
That is the case with one server.

But as soon as I add a second server and change the dstnat Dst. Ports for both servers in the chains, the connection no longer goes through.

With one server, I specify the bare IP in the VPN client and the connection is established, but when I reconfigure the ports, I specify IP:port in the Server address.


1 answer(s)
shurshur, 2022-03-21

This is inevitable, since it is impossible to NAT the same ports to two different addresses: how would they be told apart? You will either have to use one server for all connections, or distribute them across different external addresses. Alternatively, you can use a VPN that can work on any port (OpenVPN, WireGuard and many others allow this).
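
The "different external addresses" option from the answer, written as RouterOS NAT rules. This is an added example, not part of the original thread; it assumes the router holds two public addresses, and every IP address in it is a constructed placeholder.

```routeros
# Constructed addresses (assumptions, not from the thread):
#   203.0.113.10, 203.0.113.11   two public IPs assigned to the router's WAN side
#   192.168.88.10, 192.168.88.11 the two L2TP/IPsec servers behind NAT

# Broken layout (left commented out): both rules match exactly the same traffic,
# UDP 500/1701/4500 to any destination address. NAT rules are evaluated in order
# and the first match is applied, so the second server is never reached.
#
# /ip firewall nat
# add chain=dstnat protocol=udp dst-port=500,1701,4500 action=dst-nat to-addresses=192.168.88.10
# add chain=dstnat protocol=udp dst-port=500,1701,4500 action=dst-nat to-addresses=192.168.88.11

# Working layout: the public destination address is what tells the two servers
# apart, so the standard ports stay unchanged on both.
/ip firewall nat
add chain=dstnat dst-address=203.0.113.10 protocol=udp dst-port=500,1701,4500 \
    action=dst-nat to-addresses=192.168.88.10 comment="L2TP/IPsec to server 1"
add chain=dstnat dst-address=203.0.113.11 protocol=udp dst-port=500,1701,4500 \
    action=dst-nat to-addresses=192.168.88.11 comment="L2TP/IPsec to server 2"

# Check that each rule is actually being hit after a test connection:
/ip firewall nat print stats where chain=dstnat
```

In the VPN client, each server is then reached by its own public IP with no port suffix.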
