network hardware
Dmitry Maksimenko, 2015-10-09 06:26:58

Problem with L2TP and routers. How to configure UPnP for my task?

Good afternoon!
I am making a DC++ client for a local area network, based on FlyLinkDC.
Every day I communicate with the developer and he does not know how to help me.
The bottom line is that the network has not yet been transferred to IPoE connections, and subscribers work the old way, through an L2TP VPN connection.
Accordingly, on routers it looks like this: first there is a simple connection that receives its settings via DHCP (let's call it "ISP"), and a VPN connection is established on top of it (let's call it "L2TP0"), which specifies the login and password for accessing the Internet.
The ISP interface has an address from a subnet with a /24 mask, which is already included in the large subnet 10.0.0.0/9
(For example, at my house 10.30.102.18)
That is, the router already has 2 IP interfaces for accessing the network.
Routes for certain networks, which must go through the ISP interface, come via DHCP.
Among them is the route to the network 10.0.0.0/9 through the gateway on the ISP interface (in my case 10.30.102.1).
The L2TP0 interface is assigned an IP address from another gray network (in my case 172.16.149.218), which is then NATed and goes out to the Internet.
On some routers, this mode of operation is called "Double Access / Russian L2TP".
And now the problem:
The DC++ client (and indeed any application, be it uTorrent or anything else that uses the UPnP protocol) does port forwarding over UPnP only on the L2TP0 interface, without affecting the ISP interface.
And now I'm scratching my head over whether it's really possible to force the router to do port forwarding on all interfaces using UPnP.
For example, I will give logs from a Zyxel router:

Oct 08 16:50:43 ndm UPnP::Manager: redirect rule added: tcp L2TP0:3000 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: forward rule added: tcp L2TP0 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: redirect rule added: udp L2TP0:3000 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: forward rule added: udp L2TP0 -> 192.168.1.33:3000.

For a general understanding, I am attaching a screenshot of the router settings that I need to achieve (the screenshot shows the settings that I entered manually).
[Screenshot: router port forwarding settings]
That is, you can see that I made rules for the ISP and L2TP0 interfaces, while UPnP makes them only for L2TP0.
Options like "write instructions for subscribers how to forward ports" are not good ...
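
The gap described in the question can be checked from the router log itself. The following is an added example, not code from the post or from any router vendor: it parses `UPnP::Manager` "rule added" lines in the format quoted above and lists, for each mapping, the WAN interfaces that did not receive a redirect or forward rule. The function names are hypothetical; the interface names `ISP` and `L2TP0` are the ones used in the question.

```python
import re
from collections import defaultdict

# Matches the "rule added" lines quoted in the question; the external
# port appears on redirect rules only.
RULE = re.compile(
    r"UPnP::Manager: (redirect|forward) rule added: "
    r"(tcp|udp) (\w+)(?::(\d+))? -> (\d+(?:\.\d+){3}):(\d+)"
)

def upnp_rules(log_text):
    """Map (proto, lan_host, lan_port) -> {interface: {"redirect", "forward"}}."""
    rules = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = RULE.search(line)
        if m:
            kind, proto, iface, _ext_port, host, port = m.groups()
            rules[(proto, host, int(port))][iface].add(kind)
    return rules

def missing_coverage(log_text, wan_ifaces):
    """Return (proto, host, port, iface, missing_kinds) for every listed WAN
    interface that lacks a redirect or forward rule for a UPnP mapping."""
    gaps = []
    for (proto, host, port), per_iface in sorted(upnp_rules(log_text).items()):
        for iface in wan_ifaces:
            absent = {"redirect", "forward"} - per_iface.get(iface, set())
            if absent:
                gaps.append((proto, host, port, iface, sorted(absent)))
    return gaps

# The four log lines from the question, embedded so the check runs offline.
SAMPLE_LOG = """\
Oct 08 16:50:43 ndm UPnP::Manager: redirect rule added: tcp L2TP0:3000 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: forward rule added: tcp L2TP0 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: redirect rule added: udp L2TP0:3000 -> 192.168.1.33:3000.
Oct 08 16:50:43 ndm UPnP::Manager: forward rule added: udp L2TP0 -> 192.168.1.33:3000.
"""

if __name__ == "__main__":
    for gap in missing_coverage(SAMPLE_LOG, ["ISP", "L2TP0"]):
        print(gap)
```

The same output doubles as an audit of what UPnP has opened on each WAN interface, since every mapping in the log is listed per interface.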


3 answer(s)
Dmitry Maksimenko, 2015-10-27
@mcdemon

As a result:
On popular routers like D-Link and TP-Link, where there is a separate connection type "Dynamic IP + L2TP (Russian L2TP)", it looks like one IP interface for UPnP.
Accordingly, the scale of the problem turned out to be smaller than I thought.
So be it, for Zyxels and other unpopular vendors I will write instructions ...

Valentin, 2015-10-09
@vvpoloskin

Chaotically. Why can't you use only one default route through L2TP, and close all connectivity via Ethernet beyond the gateway on the BRAS?

Evgeny Kunitsyn, 2015-10-09
@LordMerlin

There are a couple of questions. Is there a hub on the 10.0.0.0/9 subnet at all? Or is it external? Check both with the manually created rules and without them: do you have peers from this subnet at all? That may be why the rules are not created: there is nothing for them, there is no one to forward the port to.
