Port Redirection over VPN to a host on the remote network


Vigor Routers support open port to a host on the remote network as long as the VPN tunnel established. Clients from the Internet can access specific ports through the WAN interface of the Vigor router, and the router will forward the traffic over the VPN to the remote network. It's the solution to allow internet access to the servers or resources on the remote network which doesn't have a public IP or its ISP blocks certain port.

Here is a scenario where this feature will be very useful. There is a company of which the warehouse in the suburbs, where the fixed-line internet service is not available, the network administrator can only use LTE as the internet source for the warehouse. The LTE only owns a virtual IP address, which makes accessing the surveillance system and inventory management system at the warehouse from the Internet very difficult.

But the company's office locates downtown, which has the fixed-line and a public IP address. So the network administrator constructs the VPN network between the office and warehouse, then, set up the office router to forward specific ports to the warehouse router. Then, the managers can access the warehouse's network to check the live footage and inventory information at any places as long as they connect to the Internet.

an illustration showing an administrator on the Internet accessing a LAN of LTE router over the VPN


1. Set up a VPN to remote network: Go to VPN and Remote Access >> LAN to LAN, click on an available index to add a new profile,

  1. Give a Profile name and Enable it, then select a Call Direction
  2. Select a VPN type and enter the required credentials.
  3. Enter the WAN IP of remote router in Server IP/Host Name for VPN if Vigor Router is Dial-out site.
a screenshot of DrayOS LAN-to-lAN profile

d. Enter Remote IP and Network Mask as remote router's LAN network.
e. Enter Local Network IP as the IP of Vigor Router, it should be router LAN IP to make the function work.
 f. Enter Local Network Mask as the subnet mask of Vigor Router's LAN network.
g. Click OK to apply

another screenshot of DrayOS LAN-to-lAN profile

2. Go to VPN and Remote Access >> Connection Management and use Dial-out tool to establish VPN connection

a screenshot of VPN dial-out tool

3. Port Redirection Configuration: Go to NAT >> Port Redirection at VPN server.

  1. Give a Service Name
  2. Select a Protocol
  3. Enter Public Port as the port to which Internet client should connect.
  4. Enter Private IP as the IP of remote host.
  5. Enter Private Port as the port to which remote host is listening.
a screenshot of Port Rediretion settings

4. After the setting is finished, the remote host can be accessed by the Vigor Router's WAN IP with the defined public port.

Published On: Jun 18, 2019 

Was this helpful?     

Related Articles