- Home »
- FAQ »
- Connectivity »
- NAT »
- [Vigor3900] How to use one WAN for SSL VPN service and the other WAN to forward TCP Port 443 packets to internal server?
[Vigor3900] How to use one WAN for SSL VPN service and the other WAN to forward TCP Port 443 packets to internal server?
Vigor3900 is a multi WANs router, we can set the Vigor3900 to have different behaviors when receiving the packets from each WAN connection, even it is connecting to the same TCP/UDP port. This can simply achieve by setting the open ports or port redirection on each WAN connection. However, when it comes to the connection ports which may be listened by Vigor3900 built in service, such as port 443 for HTTPS, port 21 for FTP or port 1723 for PPTP, we will need some extra steps to make the packets can be forwarded to the LAN server. Suppose Vigor3900 has two WAN connections, and we want to use WAN1 for local SSL VPN service with default port and the other WAN to forward TCP Port 443 packets to internal server. The following shows the configurations to achieve the purpose.
1. Go to System Maintenance >> Access Control >> Management Port Setup. Change default HTTPS Port from 443 to the other one, such as 4433.
2. In the same page, deselect wan2 from Apply to WAN Interface.
With this configuration, Vigor3900 won't use WAN2 for its local management services, including SSL VPN.
3. Go to NAT >> Port Redirection, click Add to create the profile to forward WAN2 IP TCP Port 443 to internal server.
After above configurations, WAN1 IP with TCP Port 443 will be used for Vigor3900's SSL VPN service.
WAN2 IP with TCP Port 443 will be forwarded to the internal HTTPS server.