Hi!
Does anyone know the correct settings to get a VPN server working behind Turris (not on Turris!)?
I have a Synology NAS in the LAN with a working VPN server (L2TP/IPSEC) on it. I would like to set Turris up to pass VPN to my Synology.
I did port forwarding for 500, 1701 and 4500:
config rule
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'
	option name 'VPN-500'
	option dest_ip '192.168.0.10'
	option family 'ipv4'

config rule
	option target 'ACCEPT'
	option src 'wan'
	option proto 'udp'
	option dest_port '1701'
	option name 'VPN-1701'
	option dest 'lan'
	option family 'ipv4'
	option dest_ip '192.168.0.10'

config rule
	option target 'ACCEPT'
	option src 'wan'
	option proto 'udp'
	option dest_port '4500'
	option name 'VPN-4500'
	option dest 'lan'
	option dest_ip '192.168.0.10'
	option family 'ipv4'
Also I tried rules like this one:
config rule
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'
	option name 'VPN-500'
	option dest_ip '192.168.0.10'
	option family 'ipv4'
Hi marck48,
thank you for your settings. I set it up like you but still cannot establish a VPN connection from the internet (from LAN it works).
I read that iptables-mod-ipsec and kmod-ipt-ipsec should be installed. Did you install them?
The only thing I had to do in order to get VPN up and running again, after putting the Omnia into use as my new router, was forwarding the ports udp500, udp1701, udp4500 and tcp1723 to the vpn server. I did this with the help of LuCI, the tabs network/firewall/port forwards.
My vpn server also uses l2tp/ipsec. No messing with other rules or iptables.
p.s. I don’t see you are forwarding port tcp1723 in your settings
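
For comparison with the `config rule` sections in the first post, this is how port forwards created on LuCI's Port Forwards tab are stored in /etc/config/firewall: as `config redirect` sections with target DNAT, which rewrite the destination address, whereas a `config rule` section only accepts or rejects traffic and performs no address translation. This is an added example, not configuration taken from any poster's router; it assumes the zone names wan and lan and the NAS address 192.168.0.10 from the first post, and covers the three UDP ports listed there.

```uci
# /etc/config/firewall (fragment, constructed example)
# Each redirect DNATs traffic arriving on the WAN address to the
# VPN server in the LAN. src_dport is the port seen on the WAN side,
# dest_port is the port on the internal host.

# IKE (IPsec key exchange)
config redirect
	option name 'VPN-500'
	option target 'DNAT'
	option src 'wan'
	option dest 'lan'
	option proto 'udp'
	option src_dport '500'
	option dest_ip '192.168.0.10'
	option dest_port '500'

# L2TP
config redirect
	option name 'VPN-1701'
	option target 'DNAT'
	option src 'wan'
	option dest 'lan'
	option proto 'udp'
	option src_dport '1701'
	option dest_ip '192.168.0.10'
	option dest_port '1701'

# IPsec NAT traversal (ESP encapsulated in UDP)
config redirect
	option name 'VPN-4500'
	option target 'DNAT'
	option src 'wan'
	option dest 'lan'
	option proto 'udp'
	option src_dport '4500'
	option dest_ip '192.168.0.10'
	option dest_port '4500'
```

Keeping the forwards limited to these ports and to the single internal address limits what is exposed on the WAN side to the VPN service itself.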