Comments

  • The primary router that is doing NAT has external IP that we connect through. From this router we got a line to our office router that is also doing NAT for our network, but the line we got is a 'private' LAN addressed 10.x.x.x that we connect to our office router. So our office router has * WAN interface with 10.x.x.x…
  • Hi Kimmo Thanks again. The primary NAT router must forward 500 in 4500 traffic to our office router or not ? On our office router we have a WAN interface IP address of 10.x.x.x., that is being connected to some internal VLAN to primary router that has a public internet connection. Regards, Miha
  • Our 'soho' router WAN interface is not directly on internet it is routed through another router that is also doing NAT. So this 'primary' router doesn't need to do port forwarding ? How can we than configure our router to do a site-site VPN to main office with M200 box ? Regards, Mike
  • Hi Kimmo Thank you for reply. But afaik the remote site router (router that is in front from our router) would need to forward UDP ports 500 & 4500 from their public IP addr to our router external IP addr for this to work. If this is not possible (due to company that is providing us internet access regulations) are there…
  • It's a 'cheap' TP-link router that only support client-site vpn but not site-site. For now we configured it to establish a client-site VPN so computers behind this router can access resources in main office. But from main office we can't connect /access computers that are behind this 'soho' router.
  • Hi Kimmo For this option we need to have WG on both sites or can we do it with WG only on 'master' site and SW solution (pfsense or any other device) ? The problem is that we need to have communication both way from remotesite-->mastersite and from mastersite-->remotesite Regards, Mike
  • Hi Bruce Thank you for reply. It's a problem because people who are responsible for master (remote site router) wan't allow port forwarding. Are there any other options we can use (maybe some kind of a SSH tunnel between two locations) ? I am thinking of some kind of SW solution that we can install on computer on remote…