vigor questions - Page 1

Kelly Avery

Asked: 2021-09-23 10:55:14 +0800 CST

port forward only for vpn clients on draytek vpn router

0

I have a VPN server set up on a vigor 2865. I now want to allow one external ip address, or anyone connected to this vpn, access to a website on an internal server. This website uses a public dns name to resolve to my public ip address. e.g. mysite.mycompany.com

If I port forward 80/443 to the internal server then anyone can access the site. This works fine.

If I add a firewall rule to only allow access to the external ip address then this also works fine.

I thought I could just change the firewall rule to allow the public ip of the vpn/router to give access to vpn clients but this does not work. If I go to https://www.whatismyip.com/, my ip does change when connected to the vpn but the firewall does not let this ip address through despite being configured to do so.

If I set the firewall to use my home ip address then it works but I do not want to configure the private ip addresses of all employees to grant access.

How do I configure the firewall / port forwarding to allow vpn clients only?

robbash

Asked: 2017-01-14 00:30:17 +0800 CST

strongSwan: multiple rightsubnet using IKEv1

0

https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection

According to strongSwan documentation rightsubnet with multiple network addresses only works with IKEv2. There is a common (?) workaround, to set up multiple connections, all using the same SA. Our scenario is that we use a Vigor 2860 as the company VPN gateway where all home offices etc connect to.

If I setup multiple connections in strongSwan I would need to define multiple LAN-to-LAN profiles in the Vigor. Depending on the home offices to connect this would exceed the number of profiles.

Is there another workaround to achieve traffic to a 2nd subnet being sent through the tunnel? (Routing? NATing?)

Thanks in advance.

JimS

Asked: 2011-08-04 02:28:05 +0800 CST

Vigor 2820 Router -Port Forward Not Working

4

We are trying to solve what should be a trivial problem! We have a DrayTek Vigor 2820 series ADSL router/firewall and we need to forward port 80 to a web-server.

The box is connected to it's adsl line correctly, and we can access the internet outbound.

I have a PC behind the box, running IIS with no software firewall etc... I can web browse to the pc internally, and get the IIS welcome page. The PC has no routes, and the Vigor is it's default gateway.

I have a port forward configured on the Vigor as per their instructions, to forward port 80 on the public IP address to port 80 on this internal PC.

External management of the router (which would otherwise use port 80) is disabled.

When I try to browse to the port forward via a seperate connection, the page doesn't display.

If I examine the syslog output from the vigor, I see it performing a virtual server port forward operation as I have requested, however, from running wireshark on the target PC, the request never arrives.

I have tried three different versions of firmware, as I found various reports about NAT being broken in one version or another...

Does anybody have this functionality working using one of these boxes?? I have seen several threads online saying they had problems with it, but I haven't found a solution. I can't imagine that this function is faulty in 3 versions of the o/s, so I must be missing something!!

waszkiewicz

Asked: 2009-06-26 01:31:36 +0800 CST

Username to Logon to Vigor Draytek 2950

1

I have a dual-wan DrayTek Vigor 2950 router and it's working really really good! The only thing that bothers me, without being a huge problem, is that I can't configure a user name to connect to the router's configuration page. It's very easy to set a password, but after looking everywhere in the user's guide and on the web, I still stay without answers. Does anyone have an idea, how I could resolve that case? Thanks.

Martin

Asked: 2009-05-15 01:24:21 +0800 CST

Setting up RADIUS Server for use by a VPN device

3

Currently we have a Vigor 3300 router that acts as our VPN server. At the moment we set up connections for home workers manually in the device.

What I would like to do is remove this extra step and instead allow them to use their Active Directory credentials to login to the VPN. I understand RADIUS is the way to do this. Unfortunately the manual for the Vigor is quite cryptic, although it give details on how to set up the unit itself I am unsure about how I set up the actual RADIUS server.

Can any one offer some generic advice on how to do this, or point to a resource on the internet that is idiot proof.

Much appreciated.

port forward only for vpn clients on draytek vpn router

strongSwan: multiple rightsubnet using IKEv1

Vigor 2820 Router -Port Forward Not Working

Username to Logon to Vigor Draytek 2950

Setting up RADIUS Server for use by a VPN device

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Questions[vigor](server)