Im not saying thats what im going to do, also I have a phone with hotspot with its own ip range and i can teather to one of these boxes allowing me to not be here , if that makes sense
This is correct. The AP Mode can’t VPN … I Thought we are talking about getting Internet … VPN is something different. I am out for today, it seems I am not able to follow what is the target setup here.
so my ipadress by ISP on one of my Shadow behind router
and in the other set up is another router connected to hotspot and when i know it works ill reverse the steps for getting my router to work here today and apply those steps to the offsite location changing all the appropriate info to fit the scenario , making it all static etc
Oky no worries lad, have a top night out,
Looks like double nat is what i need then
either two accessible externally routers or one master router , with a slave that can see internet and allow vpn
Getting internet is one of those yes, now once internet can be seen and i can see device on lan through primary router
now it needs to be able to vpn too
I am on newest firmware already :):):):):):
What a legend have one for us too
the set up is
I have a glinet router attached to a glinet router via lan
one is master (ISP)
The other is lan from said ISP router
the slave (LAN) needs to see internet and be able to vpn
Double NAT is sometimes a little tricky. Make sure the VPN Server is available via Port forwarding trough the ISP Router. And in Client mode the ISP Router firewall has to allow VPN.
And only devices behind the shadow can use the VPN. You won’t get VPN for devices on the WAN port. In theory possible, but some kind of advanced.
So double nat is what?
two of the router adresses going on at once?
I have truenas scale, there implementation of vpn and tunnelling led me to ssh myself, so i thought it best to buy two boxes (routers) put them on my network with NAS hardware attached .
so all i need to go is make the device on my network see the internet: slight_smile:
Can i not forward this router (shadow) to the ports of the other router (flint)
sorry my vernacular for networking is limited and I didn’t understand the inherent complexity of what i was trying to do
Im gona go get some beers now, lityerlly your fault haahahha
NAT is Network Address Translation … This means in the WAN side you have one IP, on the LAN site multiple.
So the router knows where to route each packet from WAN to LAN,
a. because it is initiated from the LAN
b. because there is a port forwarding
The services on a device (GL.iNet Router) will listen to the LAN site. You can allow the most by port number. But this is not the main issue here.
Best is to set up VPN on the ISP Router. Because this device will always NAT. And this is what the GL.iNet Router also do, to connect your mobile devices in a hotel to the one available port/IP. and this is good.
But you can’t set up two GL.iNet devices in your LAN and get magically a full function VPN for all devices. It will only work for devices behind the GL.iNet device.
Rewind: This is, what @admon said at the beginning: Do it with the Flint …
I’ll take the blame. My wife is also nagging, because she want sleep. 4 Vodka/Cola helps to carry the burden.
1 Like
But i have vpn on ISP router too, nord for security, that needs to stay,
hence why I am trying to use a router behind a router?
my friend is it too complex for me to achieve?
I tried ssh from me to offsite and had 1600 unotharised attempts to get into my nas
hence why im doing this
I hear you mate , I fucked mine off on holiday just to get peach and quiet and sort out my offsite backups :D:D:D:
I might set this box up , put it under the stairs and sack off to the offsite location leave her there
hahahahahaha jojes
Do it with the flint,
I think im following you ,
it just dawned on me what. i think ive done wrong back soon
Wait hand on , i have ISP , but no router infront of it,
this is why i was trying to set up Shadow to see the internet and vpn client and me punch in with my phone ,
the way i was trying is the right way is it not?
I cant do it with the flint
I need the server to be offsite and the client to be here,
so I pull the offsite Ip to my home IP and the two can see each others subnets event if its via routing
then I have my offsite and onsite communicating