0

I heard a double NAT can introduce problems with VPNs, but I don't understand why. I want to have a LAN behind a double NAT that can be connected to using a VPN.

My desired network would look something like this:

internet <---> ISP router/gateway with NAT <---> LAN1 <---> custom router/VPN server with NAT <---> LAN2

I was planning on running the VPN on the custom router (which is running openwrt) and then exposing it by using port forwarding on the ISP router.

Are there any issues with this setup?

Improve this question
5
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer.
    – Community Bot
    Commented May 17 at 18:00
  • 1
    the only real problem with double-nat (other than that you need to double the port forwarding configuration to daisy-chain forwarding rules) is that UPNP connections from devices like PlayStation's can't configure both the routers, so auto-configuration for adhoc port-forwarding won't work. I expect the configuration you describe to work fine. Also i don't really think this is double-nat if the VPN is coming from the interior router. if you had a vpn server inside the inner network, then you would but in this case the only NAT you need to forward through is the ISP router's.
    – Frank Thomas
    Commented May 17 at 18:22
  • Agreed. Use OpenVPN and host it yourself. Should be fine.
    – JayCravens
    Commented May 17 at 19:53
  • Thanks for the comments. I wanted to make sure I wouldn't run into any issues before diving into the actual configuration of everything. If someone writes that as an answer, I'd accept it.
    – jnasworld223
    Commented May 17 at 20:09
  • 1
    the only warning I feel like I should give, is make sure that the IP network on the interior router's LAN is not a common range like 192.168.0.0/24, 192.168.1.0/24, 172.16.0.0/16, or 10.0.0.0/8. its more or less impossible to connect two networks together via VPN if they share the same IP range.
    – Frank Thomas
    Commented May 17 at 22:39

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .