Alright well i have been looking and looking and either i am so turned around i don’t know where i am or i am just missing something simple.
The only thing i am having trouble with is in the Client setup. It’s asking for the Server IP and Remote Subnet. I have tried having the server ip as the WAN ip, the local gateway IP, an IP inside the LAN network that is not being used. I am stumped.
So what would my Gateway IP and Remote Subnet be if my WAN ip was 70.70.70.70 and LAN gateway as 192.168.0.1 with DHCP handing out addresses from .2 to .253?
Just trying to figure out what this is asking for and why.
Awesome, thanks. Now i get the whole remote subnet having to be outside the usable ip range.
Now im guessing with an L2TP everything is the same, aside from creating a shared key.
But to further convolute the situation. What if my router (192.168.0.1) was behind a firewall (10.1.10.1) with the address of 10.1.10.2. In so much as i have figured out i need ports 500, 4500, and 1701 open and pointing to, what i would assume, 10.1.10.2. If this is all correct would then the server ip still be 70.70.70.70 or 10.1.10.2, 10.1.10.1, or am i twisted up entirely?
Awesome, thanks. Now i get the whole remote subnet having to be outside the usable ip range.
Actually, it’s not that at all.
192.168.0.0/24, means every address from 192.168.0.0 to 192.168.0.255. The .0 address is the network, and the .255 is the broadcast. That means you could assign hosts from 1.-.254.
So by using that as the remote subnet, you are telling the PPTP client that “every address between 192.168.0.1 and 192.168.0.254, look for on the PPTP connection”.
L2TP is just a different type of VPN, and actually secure unlike PPTP. Different types of VPNs have different capabilities as far being able to transverse NAT, hopping between networks (like when you go from WiFi to cellular), etc.
And the case you describe is accurate. Your server IP would still be 70.70.70.70, you’d port forward that stuff to 10.1.10.2, and the remote network would be 192.168.0.0/24.
okay, that makes more sense with the .0. So last question before i pretty much give up. I have everything configured as noted. 10.1.10.1 is forwarding ports to 10.1.10.2, server ip is 70.70.70.70 and remote subnet is 192.68.0.0/24. Server and Client config is set up with the same pre-shared key (vpnkey!). I am trying to log into it from a windows machine on a remote network and am using L2TP/IPsec with pre-shared key and have entered everything correctly. I hit connect and get connecting to 70.70.70.70 then i get the error vpn server not responding. This is confusing the hell out of me because with the ports open im allowing VPN traffic to pass through to the vpn router and i have even tried putting it before the firewall and running it that way bypassing the port forwarding and still getting the same response. Again, thanks for the help.